> ## Documentation Index > Fetch the complete documentation index at: https://docs.nscale.com/llms.txt > Use this file to discover all available pages before exploring further. # Update group > Allows a group to be updated. ## OpenAPI ````yaml /openapi/identity-openapi.yaml put /api/v1/organizations/{organizationID}/groups/{groupid} openapi: 3.0.3 info: title: Identity API description: >- The Identity API provides an OIDC compliant interface for use with all official and 3rd party services and proxies. As its intended use is for multi-tenant cloud deployments, it acts as an aggregation layer for other 3rd party OIDC services, dispatching login requests to the required OIDC backend. Token introspection forms the basis of role based access control across all APIs. For security purposes, access tokens and refresh tokens are limited to a single session per client, thus if they are being consumed by a horizontally scalable platform care must be taken to ensure token rotation is handled atomically by a single process, and the tokens are distributed to each service instance synchronously. version: 1.11.0 servers: - url: https://identity.nks.europe-west4.nscale.com security: [] paths: /api/v1/organizations/{organizationID}/groups/{groupid}: description: >- Allows management of organization groups. Groups bind users and service accounts to roles and allow those users to perform API requests as defined by those roles. Groups are then typically linked to projects that grant the users the ability to perform project scoped operations, such as provisioning infrastructure. parameters: - $ref: '#/components/parameters/organizationIDParameter' - $ref: '#/components/parameters/groupidParameter' put: tags: - Groups summary: Update group description: Allows a group to be updated. requestBody: $ref: '#/components/requestBodies/updateGroupRequest' responses: '200': description: Group successfully updated and returned. '401': $ref: '#/components/responses/unauthorizedResponse' '403': $ref: '#/components/responses/forbiddenResponse' '404': $ref: '#/components/responses/notFoundResponse' '500': $ref: '#/components/responses/internalServerErrorResponse' security: - oauth2Authentication: [] components: parameters: organizationIDParameter: name: organizationID in: path description: An organization ID. required: true schema: type: string groupidParameter: name: groupid in: path description: A unique group ID. required: true schema: type: string requestBodies: updateGroupRequest: description: Body required to update a group. required: true content: application/json: schema: $ref: '#/components/schemas/groupWrite' example: metadata: name: The-A-Team description: An elite commando unit. spec: roleIDs: - 64c46f16-43b1-495d-8ee3-040b8321050d userIDs: - b0c0dc92-b123-410e-bad6-75a2265ca6e1 serviceAccountIDs: [] responses: unauthorizedResponse: description: Authentication failed or the access token has expired. content: application/json: schema: $ref: '#/components/schemas/error' example: error: access_denied error_description: authentication failed forbiddenResponse: description: >- Request was denied by authorization, this may be caused by the authorization token not having the required scope for an API, or the user doesn't have the necessary privileges on the provider platform. content: application/json: schema: $ref: '#/components/schemas/error' example: error: forbidden error_description: user credentials do not have the required privileges notFoundResponse: description: Unable to find a resource. content: application/json: schema: $ref: '#/components/schemas/error' example: error: not_found error_description: the requested resource does not exist internalServerErrorResponse: description: >- An unexpected or unhandled error occurred. This may be a transient error and may succeed on a retry. If this isn't the case, please report it as an issue. content: application/json: schema: $ref: '#/components/schemas/error' example: error: server_error error_description: failed to token claim schemas: groupWrite: description: A group when created or updated. type: object required: - metadata - spec properties: metadata: $ref: '#/components/schemas/resourceMetadata' spec: $ref: '#/components/schemas/groupSpec' error: description: Generic error message, compatible with oauth2. type: object required: - error - error_description properties: error: description: >- A terse error string expanding on the HTTP error code. Errors are based on the OAuth 2.02 specification, but are expanded with proprietary status codes for APIs other than those specified by OAuth 2.02. type: string enum: - invalid_request - server_error - access_denied - not_found - conflict - method_not_allowed - unsupported_media_type - request_entity_too_large - forbidden error_description: description: Verbose message describing the error. type: string resourceMetadata: description: Metadata required for all API resource reads and writes. required: - name properties: name: $ref: '#/components/schemas/kubernetesLabelValue' description: description: >- The resource description, this optionally augments the name with more context. type: string tags: $ref: '#/components/schemas/tagList' groupSpec: description: A group. type: object required: - serviceAccountIDs - roleIDs properties: subjects: description: list of subjects that are assigned to this group type: array items: $ref: '#/components/schemas/subject' userIDs: $ref: '#/components/schemas/stringList' serviceAccountIDs: $ref: '#/components/schemas/stringList' roleIDs: $ref: '#/components/schemas/stringList' kubernetesLabelValue: description: >- A valid Kubernetes label value, typically used for resource names that can be indexed in the database. type: string pattern: ^[0-9A-Za-z](?:[0-9A-Za-z-_.]{0,61}[0-9A-Za-z])?$ tagList: description: A list of tags. type: array items: $ref: '#/components/schemas/tag' subject: description: A user account, as described when member of a group. type: object required: - id - issuer properties: id: description: The identitifier for this subject, given by the issuer. type: string email: description: An email for the user, if supplied by the issuer. type: string issuer: description: The issuer URL. type: string stringList: description: A list of strings. type: array items: description: An arbitrary string. type: string tag: description: >- A tag mapping arbitrary names to values. These have no special meaning for any component are are intended for use by end users to add additional context to a resource, for example to categorize it. type: object required: - name - value properties: name: description: A unique tag name. type: string value: description: The value of the tag. type: string securitySchemes: oauth2Authentication: description: Operation requires OAuth 2.0 bearer token authentication. type: oauth2 flows: authorizationCode: authorizationUrl: https://identity.nks.europe-west4.nscale.com/oauth2/v2/authorization tokenUrl: https://identity.nks.europe-west4.nscale.com/oauth2/v2/token scopes: {} ````