Permissions: patch

Stay organized with collections Save and categorize content based on your preferences.

Updates a permission using patch semantics. Try it now or see an example.

Warning: Concurrent permissions operations on the same file are not supported; only the last update is applied.


HTTP request



Parameter name Value Description
Path parameters
fileId string The ID for the file or shared drive.
permissionId string The ID for the permission.
Optional query parameters
removeExpiration boolean Whether to remove the expiration date. (Default: false)
supportsAllDrives boolean Whether the requesting application supports both My Drives and shared drives. (Default: false)
supportsTeamDrives boolean Deprecated use supportsAllDrives instead. (Default: false)
transferOwnership boolean Whether changing a role to 'owner' downgrades the current owners to writers. Does nothing if the specified role is not 'owner'. (Default: false)
useDomainAdminAccess boolean Issue the request as a domain administrator; if set to true, then the requester will be granted access if the file ID parameter refers to a shared drive and the requester is an administrator of the domain to which the shared drive belongs. (Default: false)


This request requires authorization with at least one of the following scopes:


Some scopes are restricted and require a security assessment for your app to use them. For more information, see the authentication and authorization page.

Request body

In the request body, supply the relevant portions of a Permissions resource, according to the rules of patch semantics, with the following properties:

Property name Value Description Notes
Optional Properties
additionalRoles[] list Additional roles for this user. Only commenter is currently allowed, though more may be supported in the future. writable
expirationDate datetime The time at which this permission will expire (RFC 3339 date-time). Expiration dates have the following restrictions:
  • They cannot be set on shared drive items
  • They can only be set on user and group permissions
  • The date must be in the future
  • The date cannot be more than a year in the future
pendingOwner boolean Whether the account associated with this permission is a pending owner. Only populated for user type permissions for files that are not in a shared drive. writable
role string The primary role for this user. While new values may be supported in the future, the following are currently allowed:
  • owner
  • organizer
  • fileOrganizer
  • writer
  • reader
view string Indicates the view for this permission. Only populated for permissions that belong to a view. published is the only supported value. writable


If successful, this method returns a Permissions resource in the response body.


Note: The code examples available for this method do not represent all supported programming languages (see the client libraries page for a list of supported languages).


Uses the Java client library.


// ...

public class MyClass {

  // ...

   * Patch a permission's role.
   * @param service Drive API service instance.
   * @param fileId ID of the file to update permission for.
   * @param permissionId ID of the permission to patch.
   * @param newRole The value "owner", "writer" or "reader".
   * @return The patched permission if successful, {@code null} otherwise.
  private static Permission patchPermission(Drive service, String fileId,
      String permissionId, String newRole) {
    Permission patchedPermission = new Permission();
    try {
      return service.permissions().patch(
          fileId, permissionId, patchedPermission).execute();
    } catch (IOException e) {
      System.out.println("An error occurred: " + e);
    return null;

  // ...



Uses the .NET client library.

using Google.Apis.Drive.v2;
using Google.Apis.Drive.v2.Data;

using System.Net;
// ...

public class MyClass {

  // ...

  /// <summary>
  /// Patch a permission's role.
  /// </summary>
  /// <param name="service">Drive API service instance.</param>
  /// <param name="fileId">ID of the file to update permission for.</param>
  /// <param name="permissionId">ID of the permission to patch.</param>
  /// <param name="newRole">The value "owner", "writer" or "reader".</param>
  /// <returns>The patched permission, null is returned if an API error occurred</returns>
  public static Permission PatchPermission(DriveService service, String fileId,
      String permissionId, String newRole) {
    Permission patchedPermission = new Permission();
    patchedPermission.Role = newRole;
    try {
      return service.Permissions.Patch(patchedPermission, fileId, permissionId).Execute();
    } catch (Exception e) {
      Console.WriteLine("An error occurred: " + e.Message);
    return null;

  // ...



Uses the PHP client library.

 * Patch a permission's role.
 * @param Google_Service_Drive $service Drive API service instance.
 * @param String $fileId ID of the file to update permission for.
 * @param String $permissionId ID of the permission to patch.
 * @param String $newRole The value "owner", "writer" or "reader".
 * @return Google_Servie_Drive_Permission The patched permission. NULL is
 *     returned if an API error occurred.
function patchPermission($service, $fileId, $permissionId, $newRole) {
  $patchedPermission = new Google_Service_Drive_Permission();
  try {
    return $service->permissions->patch($fileId, $permissionId, $patchedPermission);
  } catch (Exception $e) {
    print "An error occurred: " . $e->getMessage();
  return NULL;


Uses the Python client library.

from apiclient import errors
# ...

def patch_permission(service, file_id, permission_id, new_role):
  """Patch a permission's role.

    service: Drive API service instance.
    file_id: ID of the file to update permission for.
    permission_id: ID of the permission to patch.
    new_role: The value 'owner', 'writer' or 'reader'.

    The patched permission if successful, None otherwise.
  patched_permission = {'role': new_role}
    return service.permissions().patch(
        fileId=file_id, permissionId=permission_id,
  except errors.HttpError, error:
    print 'An error occurred: %s' % error
  return None


Uses the JavaScript client library.

 * Patch a permission's role.
 * @param {String} fileId ID of the file to update permission for.
 * @param {String} permissionId ID of the permission to patch.
 * @param {String} newRole The value "owner", "writer" or "reader".
function patchPermission(fileId, permissionId, newRole) {
  var body = {'role': newRole};
  var request ={
    'fileId': fileId,
    'permissionId': permissionId,
    'resource': body
  request.execute(function(resp) {
    console.log('New Role: ' + resp.role);


Uses the Go client library.

import (

// PatchPermission patches a permission to the given role
func PatchPermission(d *drive.Service, fileId string, permissionId string,
    role string) error {
  p := &drive.Permission{Role: role}
  _, err := d.Permissions.Patch(fileId, permissionId, p).Do()
  if err != nil {
    fmt.Printf("An error occurred: %v\n", err)
    return err
  return nil


Uses the Objective-C client library.

#import "GTLDrive.h"
// ...

+ (void)patchPermissionWithService:(GTLServiceDrive *)service
                            fileId:(NSString *)fileId
                      permissionId:(NSString *)permissionId
                           newRole:(NSString *)newRole
                   completionBlock:(void (^)(GTLDrivePermission *, NSError *))completionBlock {
  GTLDrivePermission *patchedPermission = [GTLDrivePermission object];
  // The value @"owner", @"writer" or @"reader".
  patchedPermission.role = newRole;

  GTLQueryDrive *query =
    [GTLQueryDrive queryForPermissionsPatchWithObject:patchedPermission
  // queryTicket can be used to track the status of the request.
  GTLServiceTicket *queryTicket =
    [service executeQuery:query
        completionHandler:^(GTLServiceTicket *ticket,
                            GTLDrivePermission *permission, NSError *error) {
          if (error == nil) {
            completionBlock(permission, nil);
          } else {
            NSLog(@"An error occurred: %@", error);
            completionBlock(nil, error);

// ...

Try it!

Use the APIs Explorer below to call this method on live data and see the response.