Check Access Permissions tasks.task.access.get
If you are developing integrations for Bitrix24 using AI tools (Codex, Claude Code, Cursor), connect to the MCP server so that the assistant can utilize the official REST documentation.
Scope:
tasksWho can execute the method: any user
The method tasks.task.access.get checks the available actions a user can perform on a task.
Method Parameters
Required parameters are marked with *
|
Name |
Description |
|
id* |
Task identifier. The task identifier can be obtained when creating a new task or through the old method of getting the task list |
Code Examples
How to Use Examples in Documentation
The new API call differs by adding the /api/ segment to the request URL:
https://{installation_address}/rest/api/{user_id}/{webhook_token}/tasks.task.access.get
curl -X POST \
-H "Content-Type: application/json" \
-H "Accept: application/json" \
-d '{"id":8017}' \
https://**put_your_bitrix24_address**/rest/api/**put_your_user_id_here**/**put_your_webhook_here**/tasks.task.access.get
curl -X POST \
-H "Content-Type: application/json" \
-H "Accept: application/json" \
-d '{"id":8017,"auth":"**put_access_token_here**"}' \
https://**put_your_bitrix24_address**/rest/api/tasks.task.access.get
// This snippet is an ES module: top-level await requires type="module" or a bundler.
// $b24 is an already-initialized SDK instance (see the SDK "Get started" guide).
import { Text } from '@bitrix24/b24jssdk'
import type { B24Frame } from '@bitrix24/b24jssdk'
declare const $b24: B24Frame
// Shape of the payload returned in result (match the "response handling" section of the page)
type TaskAccessResult = {
read: boolean
watch: boolean
mute: boolean
createSubtask: boolean
createResult: boolean
edit: boolean
remove: boolean
complete: boolean
approve: boolean
disapprove: boolean
start: boolean
take: boolean
delegate: boolean
defer: boolean
renew: boolean
deadline: boolean
datePlan: boolean
changeDirector: boolean
changeResponsible: boolean
changeAccomplices: boolean
pause: boolean
timeTracking: boolean
mark: boolean
changeStatus: boolean
reminder: boolean
addAuditors: boolean
elapsedTime: boolean
favorite: boolean
checklistAdd: boolean
checklistEdit: boolean
checklistSave: boolean
checklistToggle: boolean
automate: boolean
resultEdit: boolean
completeResult: boolean
removeResult: boolean
resultRead: boolean
admin: boolean
copy: boolean
saveAsTemplate: boolean
attachFile: boolean
detachFile: boolean
detachParent: boolean
createGanttDependence: boolean
sort: boolean
}
try {
const response = await $b24.actions.v3.call.make<TaskAccessResult>({
method: 'tasks.task.access.get',
params: {
id: 8017,
},
requestId: Text.getUuidRfc4122()
})
// The payload is available only on a successful response
if (!response.isSuccess) {
console.error(response.getErrorMessages().join('; '))
} else {
const result = response.getData()!.result
console.info('Task access rights — edit:', result.edit, 'complete:', result.complete, 'remove:', result.remove)
}
} catch (error) {
// Thrown on transport or SDK failures (AjaxError, SdkError, etc.)
console.error(error)
}
<!-- Load the SDK (UMD build); it is exposed as the global B24Js -->
<script src="https://unpkg.com/@bitrix24/b24jssdk@1/dist/umd/index.min.js"></script>
<script>
async function getTaskAccess() {
try {
// Initialize the SDK inside a Bitrix24 frame
const $b24 = await B24Js.initializeB24Frame()
const response = await $b24.actions.v3.call.make({
method: 'tasks.task.access.get',
params: {
id: 8017,
},
requestId: B24Js.Text.getUuidRfc4122()
})
// The payload is available only on a successful response
if (!response.isSuccess) {
console.error(response.getErrorMessages().join('; '))
return
}
const result = response.getData().result
console.info('Task access rights — edit:', result.edit, 'complete:', result.complete, 'remove:', result.remove)
} catch (error) {
// Thrown on transport or SDK failures (AjaxError, SdkError, etc.)
console.error(error)
}
}
document.addEventListener('DOMContentLoaded', getTaskAccess)
</script>
SDKs do not yet support the /rest/api/ address in calls. Use direct HTTP requests, for example, via curl or fetch.
try {
$response = $b24Service
->core
->call(
'tasks.task.access.get',
[
'id' => 8017,
]
);
$result = $response
->getResponseData()
->getResult();
echo 'Success: ' . print_r($result, true);
} catch (Throwable $e) {
error_log($e->getMessage());
echo 'Error: ' . $e->getMessage();
}
SDKs do not yet support the /rest/api/ address in calls. Use direct HTTP requests, for example, via curl or fetch.
BX24.callMethod(
'tasks.task.access.get',
{
id: 8017,
},
function(result){
console.info(result.data());
console.log(result);
}
);
SDKs do not yet support the /rest/api/ address in calls. Use direct HTTP requests, for example, via curl or fetch.
require_once('crest.php');
$result = CRest::call(
'tasks.task.access.get',
[
'id' => 8017,
]
);
echo '<PRE>';
print_r($result);
echo '</PRE>';
Response Handling
HTTP Status: 200
{
"result": {
"read": true,
"watch": true,
"mute": true,
"createSubtask": true,
"createResult": true,
"edit": true,
"remove": true,
"complete": true,
"approve": false,
"disapprove": false,
"start": false,
"take": false,
"delegate": true,
"defer": false,
"renew": false,
"deadline": true,
"datePlan": true,
"changeDirector": false,
"changeResponsible": true,
"changeAccomplices": true,
"pause": false,
"timeTracking": false,
"mark": true,
"changeStatus": true,
"reminder": true,
"addAuditors": true,
"elapsedTime": true,
"favorite": true,
"checklistAdd": true,
"checklistEdit": true,
"checklistSave": true,
"checklistToggle": true,
"automate": true,
"resultEdit": false,
"completeResult": true,
"removeResult": false,
"resultRead": false,
"admin": true,
"copy": true,
"saveAsTemplate": true,
"attachFile": true,
"detachFile": true,
"detachParent": true,
"createGanttDependence": true,
"sort": false
},
"time": {
"start": 1764849882,
"finish": 1764849882.731575,
"duration": 0.7315750122070312,
"processing": 0,
"date_start": "2025-12-04T15:04:42+01:00",
"date_finish": "2025-12-04T15:04:42+01:00",
"operating_reset_at": 1764850482,
"operating": 0
}
}
Returned Data
|
Name |
Description |
|
result |
The root element of the response. Contains an object describing the available actions for the current user |
|
time |
Information about the request execution time |
Error Handling
HTTP Status: 400
{
"error": {
"code": "BITRIX_REST_V3_EXCEPTION_VALIDATION_REQUESTVALIDATIONEXCEPTION",
"message": "Error during request object validation",
"validation": [
{
"message": "Required field `id` is missing",
"field": "id"
}
]
}
}
|
Name |
Description |
|
error.code |
String error code. Use it to identify the type of exception |
|
error.message |
Text description of the error |
|
error.validation |
Array with error details. Present only in data validation errors |
|
error.validation[].field |
Name of the field where the validation error occurred |
|
error.validation[].message |
Description of the error related to the specified field |
Possible Error Codes
Request Validation Errors
Error Code: BITRIX_REST_V3_EXCEPTION_VALIDATION_REQUESTVALIDATIONEXCEPTION
|
Field |
Error Description |
How to Fix |
|
|
Required field |
Add |
|
|
Field |
Ensure the value is a number, not a string |
Statuses and System Error Codes
HTTP Status: 20x, 40x, 50x
The errors described below may occur when calling any method.
|
Status |
Code |
Description |
|
|
|
An internal server error has occurred. Please contact the server administrator or Bitrix24 technical support |
|
|
|
An internal server error has occurred. Please contact the server administrator or Bitrix24 technical support |
|
|
|
The request intensity limit has been exceeded |
|
|
|
The current method is not permitted for calls using batch |
|
|
|
The maximum length of parameters passed to the batch method has been exceeded |
|
|
|
Invalid access token or webhook code |
|
|
|
The HTTPS protocol is required for method calls |
|
|
|
The REST API is blocked due to overload. This is a manual individual block; please contact Bitrix24 technical support to lift it |
|
|
|
The REST API is only available on commercial plans |
|
|
|
The user associated with the access token or webhook used to call the method lacks the necessary permissions |
|
|
|
The manifest is not available |
|
|
|
The request requires higher privileges than those provided by the webhook token |
|
|
|
The provided access token has expired |
|
|
|
The user does not have access to the application. This means that the application is installed, but the portal administrator has restricted access to this application to specific users only |
|
|
|
The public part of the site is closed. To open the public part of the site on an on-premise installation, disable the "Temporary closure of the public part of the site" option. Path to the setting: Desktop > Settings > Product Settings > Module Settings > Main Module > Temporary closure of the public part of the site |