Get a List of Available Access Levels disk.rights.getTasks
If you are developing integrations for Bitrix24 using AI tools (Codex, Claude Code, Cursor), connect to the MCP server so that the assistant can utilize the official REST documentation.
Scope:
diskWho can execute the method: any user
The method disk.rights.getTasks returns a list of available access levels.
Use the obtained access level identifiers to set permissions on files during their upload. Specify the identifiers as the value of the TASK_ID parameter in the methods disk.storage.uploadfile and disk.folder.uploadfile.
Method Parameters
No parameters.
Code Examples
How to Use Examples in Documentation
curl -X POST \
-H "Content-Type: application/json" \
-H "Accept: application/json" \
-d '{}' \
https://**put_your_bitrix24_address**/rest/**put_your_user_id_here**/**put_your_webhook_here**/disk.rights.getTasks
curl -X POST \
-H "Content-Type: application/json" \
-H "Accept: application/json" \
-d '{"auth":"**put_access_token_here**"}' \
https://**put_your_bitrix24_address**/rest/disk.rights.getTasks
// This snippet is an ES module: top-level await requires type="module" or a bundler.
// $b24 is an already-initialized SDK instance (see the SDK "Get started" guide).
import { Text } from '@bitrix24/b24jssdk'
import type { B24Frame } from '@bitrix24/b24jssdk'
declare const $b24: B24Frame
// Shape of each AccessTask returned in result[]
type AccessTask = {
ID: string
NAME: string
TITLE: string
}
try {
// disk.rights.getTasks returns a single page (max 50 records). For the whole result set
// use a list helper: $b24.actions.v2.callList.make() returns every record as one
// array, $b24.actions.v2.fetchList.make() yields them in chunks (async generator).
// NOTE: the list helpers do not accept `order` (it is excluded from their params, so
// passing it is a TS error) — keep this call.make + `start` variant when sort matters.
const response = await $b24.actions.v2.call.make<AccessTask[]>({
method: 'disk.rights.getTasks',
params: {
start: 0,
},
requestId: Text.getUuidRfc4122()
})
// The payload is available only on a successful response
if (!response.isSuccess) {
console.error(response.getErrorMessages().join('; '))
} else {
const result = response.getData()!.result
console.info('Access levels:', result.length, result)
}
} catch (error) {
// Thrown on transport or SDK failures (AjaxError, SdkError, etc.)
console.error(error)
}
<!-- Load the SDK (UMD build); it is exposed as the global B24Js -->
<script src="https://unpkg.com/@bitrix24/b24jssdk@1/dist/umd/index.min.js"></script>
<script>
async function getDiskRightsTasks() {
try {
// Initialize the SDK inside a Bitrix24 frame
const $b24 = await B24Js.initializeB24Frame()
// disk.rights.getTasks returns a single page (max 50 records). For the whole result set
// use a list helper: $b24.actions.v2.callList.make() returns every record as one
// array, $b24.actions.v2.fetchList.make() yields them in chunks (async generator).
// NOTE: the list helpers do not accept `order` (it is excluded from their params, so
// passing it is a TS error) — keep this call.make + `start` variant when sort matters.
const response = await $b24.actions.v2.call.make({
method: 'disk.rights.getTasks',
params: {
start: 0,
},
requestId: B24Js.Text.getUuidRfc4122()
})
// The payload is available only on a successful response
if (!response.isSuccess) {
console.error(response.getErrorMessages().join('; '))
return
}
const result = response.getData().result
console.info('Access levels:', result.length, result)
} catch (error) {
// Thrown on transport or SDK failures (AjaxError, SdkError, etc.)
console.error(error)
}
}
document.addEventListener('DOMContentLoaded', getDiskRightsTasks)
</script>
try {
$response = $b24Service
->core
->call(
'disk.rights.getTasks',
[]
);
$result = $response
->getResponseData()
->getResult();
echo 'Success: ' . print_r($result, true);
processData($result);
} catch (Throwable $e) {
error_log($e->getMessage());
echo 'Error: ' . $e->getMessage();
}
BX24.callMethod(
'disk.rights.getTasks',
{},
function (result) {
if (result.error()) {
console.error(result.error());
} else {
console.log(result.data());
}
}
);
require_once('crest.php');
$result = CRest::call(
'disk.rights.getTasks',
[]
);
echo '<PRE>';
print_r($result);
echo '</PRE>';
Response Handling
HTTP Status: 200
{
"result": [
{
"ID": "79",
"NAME": "disk_access_full",
"TITLE": "Full Access"
},
{
"ID": "75",
"NAME": "disk_access_edit",
"TITLE": "Editing"
},
{
"ID": "71",
"NAME": "disk_access_read",
"TITLE": "Reading"
}
],
"time": {
"start": 1766494790,
"finish": 1766494790.095506,
"duration": 0.09550595283508301,
"processing": 0,
"date_start": "2025-12-23T12:59:50+01:00",
"date_finish": "2025-12-23T12:59:50+01:00",
"operating_reset_at": 1766495390,
"operating": 0
}
}
Returned Data
|
Name |
Description |
|
result |
Array of available access levels |
|
ID |
Access level identifier |
|
NAME |
Symbolic code of the access level |
|
TITLE |
Name of the access level |
|
time |
Information about the request execution time |
Error Handling
Statuses and System Error Codes
HTTP Status: 20x, 40x, 50x
The errors described below may occur when calling any method.
|
Status |
Code |
Description |
|
|
|
An internal server error has occurred. Please contact the server administrator or Bitrix24 technical support |
|
|
|
An internal server error has occurred. Please contact the server administrator or Bitrix24 technical support |
|
|
|
The request intensity limit has been exceeded |
|
|
|
The current method is not permitted for calls using batch |
|
|
|
The maximum length of parameters passed to the batch method has been exceeded |
|
|
|
Invalid access token or webhook code |
|
|
|
The HTTPS protocol is required for method calls |
|
|
|
The REST API is blocked due to overload. This is a manual individual block; please contact Bitrix24 technical support to lift it |
|
|
|
The REST API is only available on commercial plans |
|
|
|
The user associated with the access token or webhook used to call the method lacks the necessary permissions |
|
|
|
The manifest is not available |
|
|
|
The request requires higher privileges than those provided by the webhook token |
|
|
|
The provided access token has expired |
|
|
|
The user does not have access to the application. This means that the application is installed, but the portal administrator has restricted access to this application to specific users only |
|
|
|
The public part of the site is closed. To open the public part of the site on an on-premise installation, disable the "Temporary closure of the public part of the site" option. Path to the setting: Desktop > Settings > Product Settings > Module Settings > Main Module > Temporary closure of the public part of the site |