> ## Documentation Index > Fetch the complete documentation index at: https://docs.salesive.com/llms.txt > Use this file to discover all available pages before exploring further. # Get a role by id > Retrieve a single staff role by its id, including its pages and permissions. Requires the READ_ROLES scope. Returns one staff role with its granted pages and permissions; roles are read-only for apps. The store is bound to your app token server-side — never send a shop id. ## OpenAPI ````yaml GET /roles/{id} openapi: 3.1.0 info: title: Salesive Apps API — Account version: 1.0.0 description: >- Read the store's account configuration — domains, staff roles and payout methods — and manage its identity verification (KYC) from an installed third-party app. Every endpoint authenticates with an installed-app access token (prefix `app_`) and requires a specific OAuth scope. The target store is bound to the token server-side from the installation — never send a shop id. Domains, roles and payouts are read-only for apps: their create/update/delete operations are owner-only and are not exposed here. servers: - url: https://api.salesive.com/api/v1 description: Production security: - AppToken: [] paths: /roles/{id}: get: tags: - Roles summary: Get a role by id description: >- Returns a single staff role by its id, including its granted pages and permissions. Roles are read-only for apps; updating or deleting a role is owner-only and is not exposed here. Returns 404 if the role does not exist or does not belong to the installation's store. Requires the `READ_ROLES` scope and returns 403 if the token is missing it. The store is bound to the app token server-side from the installation — never send a shop id. operationId: getRole parameters: - $ref: '#/components/parameters/RoleId' responses: '200': description: The requested role. content: application/json: schema: allOf: - $ref: '#/components/schemas/EnvelopeBase' - type: object properties: data: $ref: '#/components/schemas/Role' example: status: 200 success: true message: Role retrieved data: _id: 66b1f0a3c2d4e5f6a7b8c9d0 name: Store Manager shop: 6680aabbccddeeff00112200 pages: - id: overview name: Overview required: true - id: orders name: Orders shopTypes: - ecommerce - restaurant - business permissions: - orders:view - orders:manage active: true createdAt: '2026-01-10T09:00:00.000Z' updatedAt: '2026-05-02T11:30:00.000Z' '401': $ref: '#/components/responses/Unauthorized' '403': $ref: '#/components/responses/Forbidden' '404': $ref: '#/components/responses/NotFound' components: parameters: RoleId: name: id in: path required: true description: The role's id (Mongo ObjectId). schema: type: string schemas: EnvelopeBase: type: object description: >- Standard Salesive response envelope. The operation-specific payload is carried in `data`. required: - status - success - message properties: status: type: integer description: HTTP status code, echoed in the body. success: type: boolean description: Whether the request succeeded. message: type: string description: Human-readable result message. Role: type: object description: A staff role for the store. properties: _id: type: string name: type: string description: The role's name. shop: type: - string - 'null' description: The store id (bound server-side). pages: type: array description: Pages this role grants access to. items: $ref: '#/components/schemas/RolePage' permissions: type: array description: Permission strings granted by this role. items: type: string active: type: boolean description: Whether the role is active. createdAt: type: string format: date-time updatedAt: type: string format: date-time RolePage: type: object description: A page a role can grant access to. properties: id: type: string description: Stable page identifier (for example `overview`). name: type: string description: Human-readable page name. required: type: boolean description: Present and true if the page is always granted. shopTypes: type: array description: Store types the page applies to, when restricted. items: type: string Envelope: allOf: - $ref: '#/components/schemas/EnvelopeBase' - type: object properties: data: description: Operation-specific payload (object, array, or null). responses: Unauthorized: description: Missing or invalid app access token. content: application/json: schema: $ref: '#/components/schemas/Envelope' example: status: 401 success: false message: Authentication required data: null Forbidden: description: The app token is missing the OAuth scope required for this operation. content: application/json: schema: $ref: '#/components/schemas/Envelope' example: status: 403 success: false message: Insufficient scope data: null NotFound: description: >- The requested resource does not exist or does not belong to the installation's store. content: application/json: schema: $ref: '#/components/schemas/Envelope' example: status: 404 success: false message: Resource not found data: null securitySchemes: AppToken: type: http scheme: bearer description: >- Installed-app access token (prefix app_), issued by the OAuth install flow. The store is bound to the token server-side — never send a shop id. ````