Summary

The updateDefaultRole() GraphQL mutation is used to update the default role for a group in LogScale.

API Stability Long-Term
Security Requirement & Control ManageUsers API permission

Syntax

graphql
updateDefaultRole(
      input: UpdateDefaultRoleInput!
   ): updateDefaultRoleMutation!

For the input, you'll have to give the unique identifier of the group, and the default role. See the Input Parameters section.

For the results, you can get information on the group and roles. See the tables in the Returned Values section for details.

Example

Raw
graphql
mutation {
  updateDefaultRole( input: 
    {
      roleId: "abc123",
      groupId: "def456"
    }
  )
  { group { displayName } }
}
Mac OS or Linux (curl)
shell
curl -v -X POST $YOUR_LOGSCALE_URL/graphql \
    -H "Authorization: Bearer $TOKEN" \
    -H "Content-Type: application/json" \
    -d @- << EOF
{"query" : "mutation {
  updateDefaultRole( input: 
    {
      roleId: \"abc123\",
      groupId: \"def456\"
    }
  )
  { group { displayName } }
}"
}
EOF
Mac OS or Linux (curl) One-line
shell
curl -v -X POST $YOUR_LOGSCALE_URL/graphql \
    -H "Authorization: Bearer $TOKEN" \
    -H "Content-Type: application/json" \
    -d @- << EOF
{"query" : "mutation {
  updateDefaultRole( input: 
    {
      roleId: \"abc123\",
      groupId: \"def456\"
    }
  )
  { group { displayName } }
}"
}
EOF
Windows Cmd and curl
shell
curl -v -X POST $YOUR_LOGSCALE_URL/graphql ^
    -H "Authorization: Bearer $TOKEN" ^
    -H "Content-Type: application/json" ^
    -d @'{"query" : "mutation { ^
  updateDefaultRole( input:  ^
    { ^
      roleId: \"abc123\", ^
      groupId: \"def456\" ^
    } ^
  ) ^
  { group { displayName } } ^
}" ^
} '
Windows Powershell and curl
powershell
curl.exe -X POST 
    -H "Authorization: Bearer $TOKEN"
    -H "Content-Type: application/json"
    -d '{"query" : "mutation {
  updateDefaultRole( input: 
    {
      roleId: \"abc123\",
      groupId: \"def456\"
    }
  )
  { group { displayName } }
}"
}'
    "$YOUR_LOGSCALE_URL/graphql"
Perl
perl
#!/usr/bin/perl

use HTTP::Request;
use LWP;

my $TOKEN = "TOKEN";

my $uri = '$YOUR_LOGSCALE_URL/graphql';

my $query = "mutation {
  updateDefaultRole( input: 
    {
      roleId: \"abc123\",
      groupId: \"def456\"
    }
  )
  { group { displayName } }
}";
$query =~ s/\n/ /g;
my $json = sprintf('{"query" : "%s"}',$query);
my $req = HTTP::Request->new("POST", $uri );

$req->header("Authorization" => "Bearer $TOKEN");
$req->header("Content-Type" => "application/json");

$req->content( $json );

my $lwp = LWP::UserAgent->new;

my $result = $lwp->request( $req );

print $result->{"_content"},"\n";
Python
python
#! /usr/local/bin/python3

import requests

url = '$YOUR_LOGSCALE_URL/graphql'
mydata = r'''{"query" : "mutation {
  updateDefaultRole( input: 
    {
      roleId: \"abc123\",
      groupId: \"def456\"
    }
  )
  { group { displayName } }
}"
}'''

resp = requests.post(url,
                     data = mydata,
                     headers = {
   "Authorization" : "Bearer $TOKEN",
   "Content-Type" : "application/json"
}
)

print(resp.text)
Node.js
javascript
const https = require('https');

const data = JSON.stringify(
    {"query" : "mutation {
  updateDefaultRole( input: 
    {
      roleId: \"abc123\",
      groupId: \"def456\"
    }
  )
  { group { displayName } }
}"
}
);


const options = {
  hostname: '$YOUR_LOGSCALE_URL',
  path: 'graphql',
  port: 443,
  method: 'POST',
  headers: {
    'Content-Type': 'application/json',
    'Content-Length': data.length,
    Authorization: 'BEARER ' + process.env.TOKEN,
    'User-Agent': 'Node',
  },
};

const req = https.request(options, (res) => {
  let data = '';
  console.log(`statusCode: ${res.statusCode}`);

  res.on('data', (d) => {
    data += d;
  });
  res.on('end', () => {
    console.log(JSON.parse(data).data);
  });
});

req.on('error', (error) => {
  console.error(error);
});

req.write(data);
req.end();
Example Responses
Success (HTTP Response Code 200 OK)
json
{
  "data": {
    "updateDefaultRole": {
      "group": {
        "displayName": "sales"
      }
    }
  }
}

Input Parameters

For the input, you'll have to provide the unique identifier of the group, and the default role. These are described below:

Table: UpdateDefaultRoleInput Input Datatype

ParameterTypeRequiredDefaultStabilityDescription
Some input parameters may be required, as indicated in the Required column. For return values, this indicates that you are assured a value if the field is requested for the results.
Table last updated: Sep 23, 2024
groupIdstringyes Long-TermThe unique identifier of the group.
roleIdstring  Long-TermThe unique identifier of the default role to update.

Returned Values

For the results, you can get information on the group, such as how many users, a list of them, and which assets they can access. You can also get a list of roles using roles and the default role with defaultRole.

Table: updateDefaultRoleMutation Datatype

ParameterTypeRequiredDefaultStabilityDescription
Some input parameters may be required, as indicated in the Required column. For return values, this indicates that you are assured a value if the field is requested for the results.
Table last updated: Oct 4, 2024
groupGroupyes Long-TermThe group for which to update the default role. See Group.

The datatype above uses another datatype for group information. For your convenience, the table for that sub-datatype is included here:

Table: Group Datatype

ParameterTypeRequiredDefaultStabilityDescription
Some input parameters may be required, as indicated in the Required column. For return values, this indicates that you are assured a value if the field is requested for the results.
Table last updated: Sep 11, 2025
allowedAssetActionsBySource(assetId: string, assetType: AssetPermissionsAssetType, searchDomainId: string): GroupAssetActionsBySourcemultipleyes PreviewGet allowed asset actions for the group on a specific asset and explain how it has gotten this access. See AssetPermissionsAssetType GroupAssetActionsBySource.
defaultQueryPrefixstring  Long-TermThe default prefix for queries.
defaultRoleRole  Long-TermThe default role associated with the group. See Role.
defaultSearchDomainCountintegeryes Long-TermThe default search domain count.
displayNamestringyes Long-TermThe display name of the group.
idstringyes Long-TermThe identifier of the group.
lookupNamestring  Long-TermThe look-up name for the group.
organizationRoles[GroupOrganizationRole]yes Long-TermThe roles of the organization associated with the group. See GroupOrganizationRole.
permissionTypePermissionType  Long-TermIndicates which level of permissions the group contains. See PermissionType .
queryPrefixes(onlyIncludeRestrictiveQueryPrefixes: boolean, onlyForRoleWithId: string): [QueryPrefixes]multiple  Long-TermThe query prefixes for the group. See QueryPrefixes.
roles[SearchDomainRole]yes Long-TermThe roles for the group See SearchDomainRole.
searchAssetPermissions(searchFilter: string, skip: integer, limit: integer, orderBy: OrderBy, sortBy: SortBy, assetTypes: [AssetPermissionsAssetType], searchDomainIds: [string], permissions: [AssetAction], includeUnassignedAssets: boolean): AssetPermissionSearchResultSetmultipleyes Short-TermSearch for asset permissions for the group. This is a preview and subject to change. See AssetPermissionsAssetType AssetAction, and AssetPermissionSearchResultSet.
searchDomainCountintegeryes Long-TermThe number of search domains for the group.
searchDomainRoles(searchDomainId: string): [SearchDomainRole]multipleyes Long-TermThe search domain roles assigned to the group. See SearchDomainRole.
searchDomainRolesByName(searchDomainName: string): SearchDomainRolemultipleyes Deprecated

The search domain roles assigned to the group, by name. See SearchDomainRole. When multiple roles per view is enabled, this field will return only the first of possibly multiple roles matching the name for the view.

Use roles, searchDomainRoles, or searchDomainRolesBySearchDomainName fields instead. This field will be removed at the earliest in version 1.195.

searchDomainRolesBySearchDomainName(searchDomainName: string): [SearchDomainRole]multipleyes Long-TermThe domain roles by search domain name. See SearchDomainRole.
searchUsers(searchFilter: string, skip: integer, limit: integer, sortBy: OrderByUserField, orderBy: OrderBy): UserResultSetTypemultiple  Long-TermUsed to search the list of users in the group. See OrderByUserField , OrderBy , UserResultSetType.
systemRoles[GroupSystemRole]yes Long-TermThe system roles of the group. See GroupSystemRole.
userCountintegeryes Long-TermThe number of users that are part of the group.
users[User]yes Long-TermThe list of users in the group. See User.