Genesys Cloud - Developer Announcements!

 View Only

Sign Up

Back to discussions
Expand all | Collapse all

Case Management: Division Permission Enforcement Alignment

  • 1.  Case Management: Division Permission Enforcement Alignment

    Posted an hour ago

    Summary

    We are aligning Case Management APIs with the platform-wide division permission model to ensure consistent behavior across Genesys Cloud services.

    • Division move permission change (PATCH caseplan): When moving a caseplan between divisions via PATCH, the API previously required caseplan:add in the target division. It now requires caseplan:edit in both the source and target divisions, consistent with how Queues, Flows, WFM Business Units, and all other platform APIs handle division moves.
    • Explicit division permission enforcement on all Case Management endpoints: A new check now validates the user has the required permission in the caseplan's specific division(s) for all Case Management endpoints (caseplans, stageplans, stepplans). This is a tightening of enforcement that may surface edge cases where the previous framework-level check was more lenient.

    These APIs are in preview and this change is not a customer impacting change.

    Effective Date

    Monday, June 1, 2026

    Details

    Division permission enforcement for Case Management APIs has been aligned with the platform standard. PATCH caseplan now requires caseplan:edit in both source and target divisions (previously caseplan:add in target). All Case Management endpoints now have explicit division-level permission checks.

    This update brings Case Management APIs in line with platform standards, improving consistency, predictability, and security across services.

    Customer Impact

    • Clients moving caseplans between divisions must ensure the calling user has caseplan:edit permission in both the source and target divisions.
    • The caseplan:add permission is no longer sufficient for the target division.
    • Existing requests may fail if they relied on previously lenient permission checks.

    Note: These APIs are currently in preview, and impact is expected to be minimal.

    Impacted Resources

    1. PATCH /api/v2/casemanagement/caseplans/{caseplanId} — Breaking: permission changed from add to edit in target division.
    2. GET /api/v2/casemanagement/caseplans — Stricter enforcement of existing permissions
    3. GET /api/v2/casemanagement/caseplans/{caseplanId} — Stricter enforcement of existing permissions
    4. DELETE /api/v2/casemanagement/caseplans/{caseplanId} — Stricter enforcement of existing permissions
    5. POST .../publish — Stricter enforcement of existing permissions
    6. POST .../versions — Stricter enforcement of existing permissions
    7. GET .../versions/{version} — Stricter enforcement of existing permissions

    8-9. GET/PUT .../intakesettings — Stricter enforcement of existing permissions

    10-13. GET/POST/PUT/DELETE .../dataschemas — Stricter enforcement of existing permissions

    14-16. GET/GET/PATCH .../stageplans — Stricter enforcement of existing permissions

    17-18. GET/GET .../stepplans — Stricter enforcement of existing permissions

    Issue References

    WORKITEMS-7685

    Contacts

    @Adrian Ryan  

    Please reply to this announcement with any questions. This helps the wider developer community benefit from the discussion. We encourage you to use this thread before contacting the designated person directly. Thank you for your understanding.



Related Content