
# List roles

> Retrieve a paginated list of the store's staff roles. Requires the READ_ROLES scope.

Returns the store's staff roles with their pages and permissions; roles are read-only for apps. The store is bound to your app token server-side — never send a shop id.


## OpenAPI

````yaml GET /roles
# OpenAPI 3.1 document for the Salesive Apps API "Account" group; this page
# renders its GET /roles operation.
openapi: 3.1.0
info:
  title: Salesive Apps API — Account
  version: 1.0.0
  description: >-
    Read the store's account configuration — domains, staff roles and payout
    methods — and manage its identity verification (KYC) from an installed
    third-party app. Every endpoint authenticates with an installed-app access
    token (prefix `app_`) and requires a specific OAuth scope. The target store
    is bound to the token server-side from the installation — never send a shop
    id. Domains, roles and payouts are read-only for apps: their
    create/update/delete operations are owner-only and are not exposed here.
# Only an HTTPS base URL is listed. The bearer token is a credential, so
# clients should refuse to send it to any non-HTTPS endpoint.
servers:
  - url: https://api.salesive.com/api/v1
    description: Production
# Document-wide default: every operation requires the AppToken bearer scheme.
# The scope list is empty, so per-operation scopes (READ_ROLES for GET /roles)
# appear only in prose descriptions, not in machine-readable form.
security:
  - AppToken: []
paths:
  # GET /roles: read-only, paginated listing of the store's staff roles.
  # No operation-level `security` key is present, so the document-wide
  # AppToken requirement applies.
  /roles:
    get:
      tags:
        - Roles
      summary: List roles
      description: >-
        Returns a paginated list of the store's staff roles. Roles are read-only
        for apps; creating, updating or deleting a role is owner-only and is not
        exposed here. Requires the `READ_ROLES` scope and returns 403 if the
        token is missing it. The store is bound to the app token server-side
        from the installation — never send a shop id.
      operationId: listRoles
      # All three query parameters are optional. None of them selects a store:
      # per the description above, tenancy comes from the token alone.
      parameters:
        - name: page
          in: query
          required: false
          description: Page number (1-based).
          schema:
            type: integer
            default: 1
            minimum: 1
        # NOTE(review): no `maximum` is declared, so the spec places no upper
        # bound on page size. Confirm the server-side cap and document it here.
        - name: limit
          in: query
          required: false
          description: Number of roles per page.
          schema:
            type: integer
            default: 10
            minimum: 1
        # NOTE(review): no `maxLength` is declared. This is caller-supplied
        # free text; confirm the server bounds its length and matches it as a
        # literal string.
        - name: search
          in: query
          required: false
          description: Case-insensitive filter on the role name.
          schema:
            type: string
      # Only 200, 401 and 403 are documented. Responses for invalid query
      # values or rate limiting are not described in this document.
      responses:
        # Each returned role carries its full `pages` and `permissions` lists,
        # i.e. the store's staff authorization model. Treat the body as
        # sensitive: avoid logging or caching it beyond what the app needs.
        '200':
          description: Paginated list of staff roles.
          content:
            application/json:
              schema:
                # Standard envelope fields plus a `data` object holding the
                # role array and the pagination metadata.
                allOf:
                  - $ref: '#/components/schemas/EnvelopeBase'
                  - type: object
                    properties:
                      data:
                        type: object
                        properties:
                          roles:
                            type: array
                            items:
                              $ref: '#/components/schemas/Role'
                          pagination:
                            $ref: '#/components/schemas/Pagination'
              # Illustrative response body: one role, single page of results.
              example:
                status: 200
                success: true
                message: Roles retrieved
                data:
                  roles:
                    - _id: 66b1f0a3c2d4e5f6a7b8c9d0
                      name: Store Manager
                      shop: 6680aabbccddeeff00112200
                      pages:
                        - id: overview
                          name: Overview
                          required: true
                        - id: orders
                          name: Orders
                          shopTypes:
                            - ecommerce
                            - restaurant
                            - business
                      permissions:
                        - orders:view
                        - orders:manage
                      active: true
                      createdAt: '2026-01-10T09:00:00.000Z'
                      updatedAt: '2026-05-02T11:30:00.000Z'
                  pagination:
                    total: 1
                    page: 1
                    limit: 10
                    pages: 1
                    hasNext: false
                    hasPrev: false
                    nextPage: null
                    prevPage: null
        # 401: the app access token is missing or invalid.
        '401':
          $ref: '#/components/responses/Unauthorized'
        # 403: the token is valid but lacks the required scope (READ_ROLES).
        '403':
          $ref: '#/components/responses/Forbidden'
components:
  schemas:
    # Fields common to every response body. `data` is not defined here; each
    # operation (or the generic Envelope schema) adds it via `allOf`.
    EnvelopeBase:
      type: object
      description: >-
        Standard Salesive response envelope. The operation-specific payload is
        carried in `data`.
      required:
        - status
        - success
        - message
      properties:
        status:
          type: integer
          description: HTTP status code, echoed in the body.
        success:
          type: boolean
          description: Whether the request succeeded.
        message:
          type: string
          description: Human-readable result message.
    # One staff role as returned by GET /roles. No `required` list is declared,
    # so the schema guarantees none of these properties; clients should not
    # assume any of them is present.
    Role:
      type: object
      description: A staff role for the store.
      properties:
        # Role identifier; the example shows a 24-character hex string.
        _id:
          type: string
        name:
          type: string
          description: The role's name.
        # Output only. Requests never carry a shop id: the store is taken from
        # the app token. May be null.
        shop:
          type:
            - string
            - 'null'
          description: The store id (bound server-side).
        pages:
          type: array
          description: Pages this role grants access to.
          items:
            $ref: '#/components/schemas/RolePage'
        # Free-form strings with no enum or pattern; the example uses a
        # `resource:action` form such as `orders:view`.
        permissions:
          type: array
          description: Permission strings granted by this role.
          items:
            type: string
        active:
          type: boolean
          description: Whether the role is active.
        createdAt:
          type: string
          format: date-time
        updatedAt:
          type: string
          format: date-time
    # Paging metadata returned alongside list results. No `required` list is
    # declared, so every field is optional as far as the schema is concerned.
    Pagination:
      type: object
      description: Pagination metadata for list responses.
      properties:
        total:
          type: integer
          description: Total number of matching items.
        page:
          type: integer
          description: Current page (1-based).
        limit:
          type: integer
          description: Items per page.
        pages:
          type: integer
          description: Total number of pages.
        hasNext:
          type: boolean
        hasPrev:
          type: boolean
        # Nullable; the example shows null alongside `hasNext: false`.
        nextPage:
          type:
            - integer
            - 'null'
        # Nullable; the example shows null alongside `hasPrev: false`.
        prevPage:
          type:
            - integer
            - 'null'
    # One entry of a role's `pages` list.
    RolePage:
      type: object
      description: A page a role can grant access to.
      properties:
        id:
          type: string
          description: Stable page identifier (for example `overview`).
        name:
          type: string
          description: Human-readable page name.
        # This is a property literally named `required`, not the JSON Schema
        # `required` keyword; it may be absent from a page entry.
        required:
          type: boolean
          description: Present and true if the page is always granted.
        # Optional; the example omits it on the `overview` page.
        shopTypes:
          type: array
          description: Store types the page applies to, when restricted.
          items:
            type: string
    # Generic envelope referenced by the error responses: EnvelopeBase plus an
    # untyped `data` property (no `type` is declared, so any JSON value
    # validates).
    Envelope:
      allOf:
        - $ref: '#/components/schemas/EnvelopeBase'
        - type: object
          properties:
            data:
              description: Operation-specific payload (object, array, or null).
  # Shared error responses. Both use the generic Envelope with `data: null`
  # in their examples.
  responses:
    # Authentication failure: no token, or a token the server does not accept.
    Unauthorized:
      description: Missing or invalid app access token.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Envelope'
          example:
            status: 401
            success: false
            message: Authentication required
            data: null
    # Authorization failure: the token is accepted but lacks the scope the
    # operation needs. The example message does not name the missing scope.
    Forbidden:
      description: The app token is missing the OAuth scope required for this operation.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Envelope'
          example:
            status: 403
            success: false
            message: Insufficient scope
            data: null
  # Single authentication scheme used by the document-wide `security` default.
  securitySchemes:
    # HTTP bearer authentication: the token is sent in the Authorization
    # header. No `bearerFormat` is declared; the `app_` prefix is documented
    # in prose only. The token identifies both the app and the store, so keep
    # it in server-side secret storage and out of logs and client-side code.
    AppToken:
      type: http
      scheme: bearer
      description: >-
        Installed-app access token (prefix app_), issued by the OAuth install
        flow. The store is bound to the token server-side — never send a shop
        id.

````