Summary
Genesys Cloud is deprecating the “including any future permissions” logic associated with the All Permissions option in the Roles and Permissions page. Prior to this change, this logic automatically included any new permissions added within a domain or an entity, when “All Permissions” is selected.
As part of this deprecation, permissions are no longer saved as wildcards (e.g. acdscreenshare:.) but are instead saved as explicit individual permissions (e.g. acdscreenshare:chat:escalate, acdscreenshare:session:view, etc).
Refer also to Deprecation: including any future permissions logic in All Permissions
Effective Date
Monday, May 4, 2026
Details
This change is being implemented for the following reasons:
Scalability, associated with upcoming feature developments
To eliminate unintended billing impacts, when new permissions require higher license tiers
To eliminate UI ambiguity associated with the "All Permissions" selection
Customer Impact
Customers that use automation tools to create roles should note the following changes:
While it will still be possible for automation tools to submit permissions as wildcards, they will no longer be saved by the system as wildcards. In other words, there are no changes required to tools that create roles, in terms of how permissions are submitted. However, because permissions are now saved as explicit individual permissions, rather than wildcards, if your tool performs strict validation, it will likely generate error messages when it attempts to match the body submitted to the body returned via API. If your automation tool uses strict validation, you should change this to just validate that the submission was successful (status code 200).
The "including any future permissions" logic is removed, so newly added permissions will no longer be automatically granted, even if the automation tool created the roles using wildcard permissions. Newly added permissions will need to be explicitly enabled in roles, if required for that role.
Existing roles that use wildcard permissions are automatically refreshed to explicit permissions.
Impacted Resources
POST /api/v2/authorization/roles/{roleId} - Bulk-grant subjects and divisions with an organization role.
Issue References
AUTHZ-1112
IAM-4389
Contacts
@David Murray Please reply to this announcement with any questions. This helps the wider developer community benefit from the discussion. We encourage you to use this thread before contacting the designated person directly. Thank you for your understanding.