Determine the user.access permissions set

If you are developing integrations for Bitrix24 using AI tools (Codex, Claude Code, Cursor), connect to the MCP server so that the assistant can utilize the official REST documentation.

Scope: basic

Who can execute the method: any user

The user.access method checks if the current user has at least one of the permissions specified in the ACCESS parameter.

Method Parameters

Required parameters are marked with *

Name
type

Description

ACCESS*
array

Identifier or list of identifiers of the permissions to check access for

Code Examples

How to Use Examples in Documentation

curl -X POST \
        -H "Content-Type: application/json" \
        -H "Accept: application/json" \
        -d '{
            "ACCESS": ["G2", "AU"]
        }' \
        https://**put_your_bitrix24_address**/rest/**put_your_user_id_here**/**put_your_webhook_here**/user.access
        
curl -X POST \
        -H "Content-Type: application/json" \
        -H "Accept: application/json" \
        -d '{
            "ACCESS": ["G2", "AU"],
            "auth": "**put_access_token_here**"
        }' \
        https://**put_your_bitrix24_address**/rest/user.access
        
try
        {
        	const response = await $b24.callMethod(
        		'user.access',
        		{
        			"'ACCESS": ["G2", "AU"]
        		}
        	);
        	
        	const result = response.getData().result;
        	console.log(result);
        }
        catch( error )
        {
        	console.error(error);
        }
        
try {
            $response = $b24Service
                ->core
                ->call(
                    'user.access',
                    [
                        "'ACCESS" => ["G2", "AU"]
                    ]
                );
        
            $result = $response
                ->getResponseData()
                ->getResult();
        
            if ($result->error()) {
                error_log($result->error());
            } else {
                echo 'Success: ' . print_r($result->data(), true);
            }
        
        } catch (Throwable $e) {
            error_log($e->getMessage());
            echo 'Error calling user.access: ' . $e->getMessage();
        }
        
BX24.callMethod(
            "user.access",
            {
                "'ACCESS": ["G2", "AU"]
            },
            function(result)
            {
                if(result.error())
                    console.error(result.error());
                else
                    console.log(result.data());
            }
        );
        
require_once('crest.php');
        
        $result = CRest::call(
            'user.access',
            [
                'ACCESS' => ['G2','AU']
            ]
        );
        
        echo '<PRE>';
        print_r($result);
        echo '</PRE>';

Response Handling

HTTP status: 200

{
            "result": true,
            "time": {
                "start": 1722001311.94644,
                "finish": 1722001311.98622,
                "duration": 0.0397801399230957,
                "processing": 0.000041961669921875,
                "date_start": "2024-07-26T13:41:51+00:00",
                "date_finish": "2024-07-26T13:41:51+00:00",
                "operating": 0
            }
        }

Returned Data

Name
type

Description

result
boolean

Returns true if the current user has at least one of the permissions listed in the ACCESS parameter, false otherwise

time
time

Information about the request execution time

Error Handling

Statuses and System Error Codes

HTTP Status: 20x, 40x, 50x

The errors described below may occur when calling any method.

Status

Code
Error Message

Description

500

INTERNAL_SERVER_ERROR
Internal server error

An internal server error has occurred. Please contact the server administrator or Bitrix24 technical support

500

ERROR_UNEXPECTED_ANSWER
Server returned an unexpected response

An internal server error has occurred. Please contact the server administrator or Bitrix24 technical support

503

QUERY_LIMIT_EXCEEDED
Too many requests

The request intensity limit has been exceeded

405

ERROR_BATCH_METHOD_NOT_ALLOWED
Method is not allowed for batch usage

The current method is not permitted for calls using batch

400

ERROR_BATCH_LENGTH_EXCEEDED
Max batch length exceeded

The maximum length of parameters passed to the batch method has been exceeded

401

NO_AUTH_FOUND
Wrong authorization data

Invalid access token or webhook code

400

INVALID_REQUEST
Https required

The HTTPS protocol is required for method calls

503

OVERLOAD_LIMIT
REST API is blocked due to overload

The REST API is blocked due to overload. This is a manual individual block; please contact Bitrix24 technical support to lift it

403

ACCESS_DENIED
REST API is available only on commercial plans

The REST API is only available on commercial plans

403

INVALID_CREDENTIALS
Invalid request credentials

The user associated with the access token or webhook used to call the method lacks the necessary permissions

404

ERROR_MANIFEST_IS_NOT_AVAILABLE
Manifest is not available

The manifest is not available

403

insufficient_scope
The request requires higher privileges than provided by the webhook token

The request requires higher privileges than those provided by the webhook token

401

expired_token
The access token provided has expired

The provided access token has expired

403

user_access_error
The user does not have access to the application

The user does not have access to the application. This means that the application is installed, but the portal administrator has restricted access to this application to specific users only

500

PORTAL_DELETED
Portal was deleted

The public part of the site is closed. To open the public part of the site on an on-premise installation, disable the "Temporary closure of the public part of the site" option. Path to the setting: Desktop > Settings > Product Settings > Module Settings > Main Module > Temporary closure of the public part of the site

Continue Learning

Previous
Define Access Permissions for Managing Application Settings
Next
Retrieve Basic Information About the Current User