Notice: important security update for Drive document URLs and resource keys. For more information, refer to Access link-shared files using resource keys


For a list of methods for this resource, see the end of this page.

Resource representations

A permission for a file. A permission grants a user, group, domain or the world access to a file or a folder hierarchy.

  "kind": "drive#permission",
  "id": string,
  "type": string,
  "emailAddress": string,
  "domain": string,
  "role": string,
  "view": string,
  "allowFileDiscovery": boolean,
  "displayName": string,
  "photoLink": string,
  "expirationTime": datetime,
  "teamDrivePermissionDetails": [
      "teamDrivePermissionType": string,
      "role": string,
      "inheritedFrom": string,
      "inherited": boolean
  "permissionDetails": [
      "permissionType": string,
      "role": string,
      "inheritedFrom": string,
      "inherited": boolean
  "deleted": boolean
Property name Value Description Notes
kind string Identifies what kind of resource this is. Value: the fixed string "drive#permission".
id string The ID of this permission. This is a unique identifier for the grantee, and is published in User resources as permissionId. IDs should be treated as opaque values.
type string The type of the grantee. Valid values are:
  • user
  • group
  • domain
  • anyone
When creating a permission, if type is user or group, you must provide an emailAddress for the user or group. When type is domain, you must provide a domain. There isn't extra information required for a anyone type.
emailAddress string The email address of the user or group to which this permission refers. writable
domain string The domain to which this permission refers. writable
role string The role granted by this permission. While new values may be supported in the future, the following are currently allowed:
  • owner
  • organizer
  • fileOrganizer
  • writer
  • commenter
  • reader
allowFileDiscovery boolean Whether the permission allows the file to be discovered through search. This is only applicable for permissions of type domain or anyone. writable
displayName string The "pretty" name of the value of the permission. The following is a list of examples for each type of permission:
  • user - User's full name, as defined for their Google account, such as "Joe Smith."
  • group - Name of the Google Group, such as "The Company Administrators."
  • domain - String domain name, such as ""
  • anyone - No displayName is present.
expirationTime datetime The time at which this permission will expire (RFC 3339 date-time). Expiration times have the following restrictions:
  • They can only be set on user and group permissions
  • The time must be in the future
  • The time cannot be more than a year in the future
teamDrivePermissionDetails[] list Deprecated - use permissionDetails instead.
teamDrivePermissionDetails[].teamDrivePermissionType string Deprecated - use permissionDetails/permissionType instead.
teamDrivePermissionDetails[].role string Deprecated - use permissionDetails/role instead.
teamDrivePermissionDetails[].inheritedFrom string Deprecated - use permissionDetails/inheritedFrom instead.
teamDrivePermissionDetails[].inherited boolean Deprecated - use permissionDetails/inherited instead.
deleted boolean Whether the account associated with this permission has been deleted. This field only pertains to user and group permissions.
permissionDetails[] list Details of whether the permissions on this shared drive item are inherited or directly on this item. This is an output-only field which is present only for shared drive items.
permissionDetails[].permissionType string The permission type for this user. While new values may be added in future, the following are currently possible:
  • file
  • member
permissionDetails[].role string The primary role for this user. While new values may be added in the future, the following are currently possible:
  • organizer
  • fileOrganizer
  • writer
  • commenter
  • reader
permissionDetails[].inheritedFrom string The ID of the item from which this permission is inherited. This is an output-only field.
permissionDetails[].inherited boolean Whether this permission is inherited. This field is always populated. This is an output-only field.
view string Indicates the view for this permission. Only populated for permissions that belong to a view. published is the only supported value. writable


Creates a permission for a file or shared drive.
Deletes a permission.
Gets a permission by ID.
Lists a file's or shared drive's permissions.
Updates a permission with patch semantics.