Assign Access Permissions to Folder disk.folder.sharetouser

Scope: disk

Who can execute the method: a user with "Share" permission for the specified folder

The method disk.folder.sharetouser assigns access permissions to a folder.

Method Parameters

Required parameters are marked with *

Name
type

Description

id*
integer

Identifier of the folder.

The identifier can be obtained using the method disk.storage.getchildren if the folder is located at the root of the storage, and using the method disk.folder.getchildren if the folder is located within another folder

userId*
integer

Identifier of the user to whom access is granted.

The identifier can be obtained using the method user.get

taskName*
string

Level of access granted to the user. Possible values:

  • disk_access_read — read
  • disk_access_add — add
  • disk_access_edit — edit
  • disk_access_full — full access

The current user cannot grant permissions higher than their own level. For example, if the current user only has "Read" permission for the specified folder, they will not be able to grant another user "Edit" or "Full access" permissions.

Code Examples

How to Use Examples in Documentation

curl -X POST \
        -H "Content-Type: application/json" \
        -H "Accept: application/json" \
        -d '{"id":8994,"userId":1271,"taskName":"disk_access_read"}' \
        https://**put_your_bitrix24_address**/rest/**put_your_user_id_here**/**put_your_webhook_here**/disk.folder.sharetouser
        
curl -X POST \
        -H "Content-Type: application/json" \
        -H "Accept: application/json" \
        -d '{"id":8994,"userId":1271,"taskName":"disk_access_read","auth":"**put_access_token_here**"}' \
        https://**put_your_bitrix24_address**/rest/disk.folder.sharetouser
        
try
        {
            const response = await $b24.callMethod(
                'disk.folder.sharetouser',
                {
                    id: 8994,
                    userId: 1271,
                    taskName: 'disk_access_read',
                }
            );
            
            const result = response.getData().result;
            console.log('Folder shared to user with ID:', result);
            
            processResult(result);
        }
        catch( error )
        {
            console.error('Error:', error);
        }
        
try {
            $response = $b24Service
                ->core
                ->call(
                    'disk.folder.sharetouser',
                    [
                        'id' => 8994,
                        'userId' => 1271,
                        'taskName' => 'disk_access_read'
                    ]
                );
        
            $result = $response
                ->getResponseData()
                ->getResult();
        
            echo 'Success: ' . print_r($result, true);
            processData($result);
        
        } catch (Throwable $e) {
            error_log($e->getMessage());
            echo 'Error sharing folder to user: ' . $e->getMessage();
        }
        
BX24.callMethod(
            "disk.folder.sharetouser",
            {
                id: 8994,              
                userId: 1271,           
                taskName: 'disk_access_read'
            },
            function (result) 
            {
                if (result.error())
                    console.error(result.error());
                else
                    console.dir(result.data());
            }
        );
        
require_once('crest.php');
        
        $result = CRest::call(
            'disk.folder.sharetouser',
            [
                'id' => 8994,
                'userId' => 1271,
                'taskName' => 'disk_access_read'
            ]
        );
        
        echo '<PRE>';
        print_r($result);
        echo '</PRE>';

Response Handling

HTTP Status: 200

{
            "result": true,
            "time": {
                "start": 1768921227,
                "finish": 1768921228.02202,
                "duration": 1.0220201015472412,
                "processing": 1,
                "date_start": "2026-01-20T17:00:27+02:00",
                "date_finish": "2026-01-20T17:00:28+02:00",
                "operating_reset_at": 1768921827,
                "operating": 0
            }
        }

Returned Data

Name
type

Description

result
boolean

Returns true if permissions are successfully assigned

time
time

Information about the execution time of the request

Error Handling

HTTP Status: 400

{
            "error":"ERROR_ARGUMENT",
            "error_description":"Invalid value of parameter {Parameter #1}"
        }

Name
type

Description

error
string

String error code. It may consist of digits, Latin letters, and underscores

error_description
error_description

Textual description of the error. The description is not intended to be shown to the end user in its raw form

Possible Error Codes

Code

Description

Value

ERROR_ARGUMENT

Invalid value of parameter

Required parameter not specified

ERROR_NOT_FOUND

Could not find entity with id X

Folder with the specified id not found

ACCESS_DENIED

Access denied

Attempt to set permission level higher than the current user's

ACCESS_DENIED

Access denied

Incorrect value provided for parameter taskName

Statuses and System Error Codes

HTTP Status: 20x, 40x, 50x

The errors described below may occur when calling any method.

Status

Code
Error Message

Description

500

INTERNAL_SERVER_ERROR
Internal server error

An internal server error has occurred, please contact the server administrator or Bitrix24 technical support

500

ERROR_UNEXPECTED_ANSWER
Server returned an unexpected response

An internal server error has occurred, please contact the server administrator or Bitrix24 technical support

503

QUERY_LIMIT_EXCEEDED
Too many requests

The request intensity limit has been exceeded

405

ERROR_BATCH_METHOD_NOT_ALLOWED
Method is not allowed for batch usage

The current method is not allowed to be called using batch

400

ERROR_BATCH_LENGTH_EXCEEDED
Max batch length exceeded

The maximum length of parameters passed to the batch method has been exceeded

401

NO_AUTH_FOUND
Wrong authorization data

Invalid access token or webhook code

400

INVALID_REQUEST
Https required

The methods must be called using the HTTPS protocol

503

OVERLOAD_LIMIT
REST API is blocked due to overload

The REST API is blocked due to overload. This is a manual individual block, to remove it you need to contact Bitrix24 technical support

403

ACCESS_DENIED
REST API is available only on commercial plans

The REST API is available only on commercial plans

403

INVALID_CREDENTIALS
Invalid request credentials

The user whose access token or webhook was used to call the method lacks permissions

404

ERROR_MANIFEST_IS_NOT_AVAILABLE
Manifest is not available

The manifest is not available

403

insufficient_scope
The request requires higher privileges than provided by the webhook token

The request requires higher privileges than those provided by the webhook token

401

expired_token
The access token provided has expired

The provided access token has expired

403

user_access_error
The user does not have access to the application

The user does not have access to the application. This means that the application is installed, but the account administrator has allowed access to this application only for specific users

500

PORTAL_DELETED
Portal was deleted

The public part of the site is closed. To open the public part of the site on an on-premise installation, disable the option "Temporary closure of the public part of the site". Path to the setting: Desktop > Settings > Product Settings > Module Settings > Main Module > Temporary closure of the public part of the site

Continue Learning

Previous
Restore Folder from Trash
Next
Upload File to Specified Folder