Skip to main content
POST
/
customers
/
{customer_id}
/
permissions
Grant a permission to a customer
curl --request POST \
  --url https://api.qonversion.io/v4/customers/{customer_id}/permissions \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "permission_id": "premium_access",
  "expires_at": "2026-01-01T00:00:00Z"
}
'
{
  "object": "customer_permission",
  "url": "/v4/customers/customer_abc123/permissions/premium_access",
  "permission_id": "premium_access",
  "expires_at": "2026-01-01T00:00:00Z"
}

Documentation Index

Fetch the complete documentation index at: https://documentation.qonversion.io/llms.txt

Use this file to discover all available pages before exploring further.

Authorizations

Authorization
string
header
required

Bearer authentication using the project Secret Key (prefixed with sk_, or test_sk_ for sandbox). All v4 public endpoints require the Secret Key — see Authentication. Never expose the Secret Key in client-side code.

Path Parameters

customer_id
string
required

Customer identifier.

Body

application/json
permission_id
string
required

Permission identifier to grant. Must be alphanumeric, hyphens, underscores, or dots. Max 256 characters.

Maximum string length: 256
Example:

"premium_access"

expires_at
string<date-time> | null

Optional expiration timestamp in RFC 3339 / ISO 8601 format. Omit for a non-expiring permission.

Example:

"2026-01-01T00:00:00Z"

Response

Permission granted.

Created permission resource. The permission_id and expires_at fields echo the request body alongside the standard object and url envelope keys.

object
enum<string>
required
Available options:
customer_permission
url
string
required
Example:

"/v4/customers/customer_abc123/permissions/premium_access"

permission_id
string
required
Example:

"premium_access"

expires_at
string<date-time> | null
required
Example:

"2026-01-01T00:00:00Z"