# Update Delegation Settings for One Organization **PATCH /api/atlas/v2/orgs/{orgId}/delegationSettings** Updates the delegation settings for the specified organization. Only fields present in the request body are updated; omitted fields retain their current values. ## Role requirements - Organization Owner ## Servers - https://cloud.mongodb.com: https://cloud.mongodb.com () ## Authentication methods - Service accounts - Digest auth ## Parameters ### Path parameters - **orgId** (string) Unique 24-hexadecimal digit string that identifies the organization that contains your projects. Use the [`/orgs`](#tag/Organizations/operation/listOrganizations) endpoint to retrieve all organizations to which the authenticated user has access. ### Query parameters - **envelope** (boolean) Flag that indicates whether Application wraps the response in an `envelope` JSON object. Some API clients cannot access the HTTP response headers or status code. To remediate this, set envelope=true in the query. Endpoints that return a list of results use the results object as an envelope. Application adds the status parameter to the response body. - **pretty** (boolean) Flag that indicates whether the response body should be in the prettyprint format. ### Body: application/vnd.atlas.2025-03-12+json (object) Delegation settings to update. - **delegatedMcpAccess** (string | null) Policy that controls how MCP (Model Context Protocol) delegated access is permitted within this organization. Possible values are `DISALLOWED`, `READ_ONLY`, and `READ_WRITE`. Defaults to `DISALLOWED`. - **delegatedPartnerAccess** (string | null) Policy that controls whether partner delegated access is permitted within this organization. Possible values are `DISALLOWED` and `READ_WRITE`. Defaults to `DISALLOWED`. - **idleRefreshTokenLifetime** (integer(int64) | null) Maximum number of seconds a refresh token may be idle before it expires. Omit to leave unchanged; set to null to reset to the system default. Must be between 1 and 31536000 (1 year) when provided. - **maximumRefreshTokenLifetime** (integer(int64) | null) Maximum lifetime of a refresh token in seconds, regardless of activity. Omit to leave unchanged; set to null to reset to the system default. Must be between 1 and 31536000 (1 year) when provided. ## Responses ### 200 OK #### Headers - **RateLimit-Limit** () The maximum number of requests that a user can make within a specific time window. - **RateLimit-Remaining** () The number of requests remaining in the current rate limit window before the limit is reached. #### Body: application/vnd.atlas.2025-03-12+json (object) - **delegatedMcpAccess** (string | null) Policy that controls how MCP (Model Context Protocol) delegated access is permitted within this organization. Possible values are `DISALLOWED`, `READ_ONLY`, and `READ_WRITE`. Defaults to `DISALLOWED`. - **delegatedPartnerAccess** (string | null) Policy that controls whether partner delegated access is permitted within this organization. Possible values are `DISALLOWED` and `READ_WRITE`. Defaults to `DISALLOWED`. - **idleRefreshTokenLifetime** (integer(int64) | null) Maximum number of seconds a refresh token may be idle before it expires. When not set, the system default applies. - **maximumRefreshTokenLifetime** (integer(int64) | null) Maximum lifetime of a refresh token in seconds, regardless of activity. When not set, the system default applies. ### 400 Bad Request. #### Body: application/json (object) - **badRequestDetail** (object | null) Bad request detail. - **detail** (string | null) Describes the specific conditions or reasons that cause each type of error. - **error** (integer(int32)) HTTP status code returned with this error. - **errorCode** (string) Application error code returned with this error. - **parameters** (array[object]) Parameters used to give more information about the error. - **reason** (string | null) Application error message returned with this error. ### 401 Unauthorized. #### Body: application/json (object) - **badRequestDetail** (object | null) Bad request detail. - **detail** (string | null) Describes the specific conditions or reasons that cause each type of error. - **error** (integer(int32)) HTTP status code returned with this error. - **errorCode** (string) Application error code returned with this error. - **parameters** (array[object]) Parameters used to give more information about the error. - **reason** (string | null) Application error message returned with this error. ### 403 Forbidden. #### Body: application/json (object) - **badRequestDetail** (object | null) Bad request detail. - **detail** (string | null) Describes the specific conditions or reasons that cause each type of error. - **error** (integer(int32)) HTTP status code returned with this error. - **errorCode** (string) Application error code returned with this error. - **parameters** (array[object]) Parameters used to give more information about the error. - **reason** (string | null) Application error message returned with this error. ### 404 Not Found. #### Body: application/json (object) - **badRequestDetail** (object | null) Bad request detail. - **detail** (string | null) Describes the specific conditions or reasons that cause each type of error. - **error** (integer(int32)) HTTP status code returned with this error. - **errorCode** (string) Application error code returned with this error. - **parameters** (array[object]) Parameters used to give more information about the error. - **reason** (string | null) Application error message returned with this error. ### 429 Too Many Requests. #### Headers - **RateLimit-Limit** () The maximum number of requests that a user can make within a specific time window. - **RateLimit-Remaining** () The number of requests remaining in the current rate limit window before the limit is reached. - **Retry-After** () The minimum time you should wait, in seconds, before retrying the API request. This header might be returned for 429 or 503 error responses. #### Body: application/json (object) - **badRequestDetail** (object | null) Bad request detail. - **detail** (string | null) Describes the specific conditions or reasons that cause each type of error. - **error** (integer(int32)) HTTP status code returned with this error. - **errorCode** (string) Application error code returned with this error. - **parameters** (array[object]) Parameters used to give more information about the error. - **reason** (string | null) Application error message returned with this error. ### 500 Internal Server Error. #### Body: application/json (object) - **badRequestDetail** (object | null) Bad request detail. - **detail** (string | null) Describes the specific conditions or reasons that cause each type of error. - **error** (integer(int32)) HTTP status code returned with this error. - **errorCode** (string) Application error code returned with this error. - **parameters** (array[object]) Parameters used to give more information about the error. - **reason** (string | null) Application error message returned with this error. [Powered by Bump.sh](https://bump.sh)