# Update Organization API Key Roles for One Project **PATCH /api/atlas/v2/groups/{groupId}/apiKeys/{apiUserId}** Updates the roles of the organization API key that you specify for the project that you specify. You must specify at least one valid role for the project. The application removes any roles that you do not include in this request if they were previously set in the organization API key that you specify for the project. ## Servers - https://cloud.mongodb.com: https://cloud.mongodb.com () ## Authentication methods - Service accounts - Digest auth ## Parameters ### Path parameters - **groupId** (string) Unique 24-hexadecimal digit string that identifies your project. Use the [/groups](#tag/Projects/operation/listProjects) endpoint to retrieve all projects to which the authenticated user has access. **NOTE**: Groups and projects are synonymous terms. Your group id is the same as your project id. For existing groups, your group/project id remains the same. The resource and corresponding endpoints use the term groups. - **apiUserId** (string) Unique 24-hexadecimal digit string that identifies this organization API key that you want to unassign from one project. ### Query parameters - **pageNum** (integer) Number of the page that displays the current set of the total objects that the response returns. - **itemsPerPage** (integer) Number of items that the response returns per page. - **includeCount** (boolean) Flag that indicates whether the response returns the total number of items (**totalCount**) in the response. - **pretty** (boolean) Flag that indicates whether the response body should be in the prettyprint format. - **envelope** (boolean) Flag that indicates whether Application wraps the response in an `envelope` JSON object. Some API clients cannot access the HTTP response headers or status code. To remediate this, set envelope=true in the query. Endpoints that return a list of results use the results object as an envelope. Application adds the status parameter to the response body. ### Body: application/vnd.atlas.2023-01-01+json (object) Organization API Key to be updated. This request requires a minimum of one of the two body parameters. - **desc** (string) Purpose or explanation provided when someone creates this project API key. - **roles** (array[string]) List of roles to grant this API key. If you provide this list, provide a minimum of one role and ensure each role applies to this project. ## Responses ### 200 OK #### Body: application/vnd.atlas.2023-01-01+json (object) - **desc** (string) Purpose or explanation provided when someone created this organization API key. - **id** (string) Unique 24-hexadecimal digit string that identifies this organization API key assigned to this project. - **links** (array[object]) List of one or more Uniform Resource Locators (URLs) that point to API sub-resources, related API resources, or both. RFC 5988 outlines these relationships. - **privateKey** (string) Redacted private key returned for this organization API key. This key displays unredacted when first created. - **publicKey** (string) Public API key value set for the specified organization API key. - **roles** (array[object]) List that contains the roles that the API key needs to have. All roles you provide must be valid for the specified project or organization. Each request must include a minimum of one valid role. The resource returns all project and organization roles assigned to the API key. ### 400 Bad Request. #### Body: application/json (object) - **badRequestDetail** (object) Bad request detail. - **detail** (string) Describes the specific conditions or reasons that cause each type of error. - **error** (integer(int32)) HTTP status code returned with this error. - **errorCode** (string) Application error code returned with this error. - **parameters** (array[object]) Parameters used to give more information about the error. - **reason** (string) Application error message returned with this error. ### 401 Unauthorized. #### Body: application/json (object) - **badRequestDetail** (object) Bad request detail. - **detail** (string) Describes the specific conditions or reasons that cause each type of error. - **error** (integer(int32)) HTTP status code returned with this error. - **errorCode** (string) Application error code returned with this error. - **parameters** (array[object]) Parameters used to give more information about the error. - **reason** (string) Application error message returned with this error. ### 403 Forbidden. #### Body: application/json (object) - **badRequestDetail** (object) Bad request detail. - **detail** (string) Describes the specific conditions or reasons that cause each type of error. - **error** (integer(int32)) HTTP status code returned with this error. - **errorCode** (string) Application error code returned with this error. - **parameters** (array[object]) Parameters used to give more information about the error. - **reason** (string) Application error message returned with this error. ### 404 Not Found. #### Body: application/json (object) - **badRequestDetail** (object) Bad request detail. - **detail** (string) Describes the specific conditions or reasons that cause each type of error. - **error** (integer(int32)) HTTP status code returned with this error. - **errorCode** (string) Application error code returned with this error. - **parameters** (array[object]) Parameters used to give more information about the error. - **reason** (string) Application error message returned with this error. ### 500 Internal Server Error. #### Body: application/json (object) - **badRequestDetail** (object) Bad request detail. - **detail** (string) Describes the specific conditions or reasons that cause each type of error. - **error** (integer(int32)) HTTP status code returned with this error. - **errorCode** (string) Application error code returned with this error. - **parameters** (array[object]) Parameters used to give more information about the error. - **reason** (string) Application error message returned with this error. [Powered by Bump.sh](https://bump.sh)