# Assign roles to user Assigns roles to the authenticated user. Only ARTIST, BRAND, and INFLUENCER are allowed. ADMIN cannot be assigned. This operation is idempotent - adding an already-present role is a no-op. Returns the updated /me response. Endpoint: POST /me/roles/assign Version: 0.1.0 Security: bearerAuth ## Request fields (application/json): - `rolesToAdd` (array, required) Roles to assign (only ARTIST, BRAND, INFLUENCER allowed; ADMIN is not allowed) Enum: "ARTIST", "BRAND", "INFLUENCER" ## Response 200 fields (application/json): - `userId` (string, required) Unique identifier for the user Example: "user_123" - `emailAddress` (string, required) User email address Example: "user@example.com" - `emailVerificationStatus` (string, required) Email verification status Enum: "UNVERIFIED", "VERIFIED" - `emailVerified` (boolean, required) Whether the email has been verified (true if emailVerifiedAtTimestamp is not null) - `roles` (array, required) User roles (ARTIST, BRAND, INFLUENCER, or ADMIN) Enum: "ARTIST", "BRAND", "INFLUENCER", "ADMIN" - `onboarding` (object, required) - `onboarding.status` (string, required) Overall onboarding status Enum: "COMPLETE", "INCOMPLETE" - `onboarding.missing` (array, required) Array of missing requirements that prevent onboarding completion Enum: "ROLE_NOT_ASSIGNED", "EMAIL_NOT_VERIFIED", "DISPLAY_NAME_MISSING", "PROFILE_PHOTO_MISSING", "SPONSOR_PROFILE_MISSING", "NO_ELIGIBLE_CREATOR_INTEGRATION", "WALLET_MISSING" - `onboarding.roleFlags` (object, required) - `onboarding.roleFlags.isCreator` (boolean, required) Whether user has creator role (INFLUENCER only) - `onboarding.roleFlags.isSponsor` (boolean, required) Whether user has sponsor role (BRAND or ARTIST) - `onboarding.roleFlags.roles` (array, required) User roles Enum: "ARTIST", "BRAND", "INFLUENCER", "ADMIN" - `onboarding.readiness` (object, required) - `onboarding.readiness.account_readiness` (string, required) Whether basic account setup is complete Enum: "READY", "NOT_READY" - `onboarding.readiness.creator_marketplace_readiness` (string, required) Whether user is ready to participate in campaigns as creator Enum: "READY", "NOT_READY" - `onboarding.readiness.sponsor_marketplace_readiness` (string, required) Whether user is ready to create campaigns as sponsor Enum: "READY", "NOT_READY" - `onboarding.roleReadiness` (object) Per-role onboarding readiness state - `onboarding.roleReadiness.sponsor` (object) Sponsor role onboarding state - `onboarding.roleReadiness.sponsor.readiness_status` (string, required) Whether sponsor role is ready Enum: "READY", "NOT_READY" - `onboarding.roleReadiness.sponsor.missing` (array, required) Missing requirements for sponsor role Example: ["SPONSOR_PROFILE_MISSING","WALLET_MISSING"] - `onboarding.roleReadiness.creator` (object) Creator role onboarding state - `onboarding.roleReadiness.creator.readiness_status` (string, required) Whether creator role is ready Enum: "READY", "NOT_READY" - `onboarding.roleReadiness.creator.missing` (array, required) Missing requirements for creator role Example: ["DISPLAY_NAME_MISSING","NO_ELIGIBLE_CREATOR_INTEGRATION"] - `onboarding.nextStep` (string, required) Next step in onboarding flow Enum: "select_role", "verify_email", "complete_profile", "connect_platform", "complete_sponsor_profile", "done" - `profile` (object, required) - `profile.displayName` (string, required) User display name (empty string if not set) Example: "John Doe" - `profile.profilePhotoUrl` (string,null, required) Profile photo URL (must start with https://) Example: "https://example.com/photo.jpg" - `connectedPlatforms` (array, required) Array of platform integration capabilities - `connectedPlatforms.platform` (string, required) Social platform identifier Enum: "INSTAGRAM", "TIKTOK" - `connectedPlatforms.status` (string, required) Current capability state of the integration Enum: "NOT_CONNECTED", "VALID", "LIMITED", "ERROR" - `connectedPlatforms.capabilities` (object, required) Platform-specific capability flags Example: {"canReadProfile":false,"canReadMedia":false,"canReadInsights":false} - `connectedPlatforms.reason_code` (string,null, required) Machine-readable reason code for the current status Example: "NOT_CONNECTED" - `connectedPlatforms.reason_message` (string,null, required) Human-readable message explaining the current status Example: "Account not connected" - `connectedPlatforms.last_verified_at` (string,null, required) ISO timestamp of last verification (null if not connected) - `createdAtTimestamp` (string, required) ISO timestamp of user creation Example: "2025-01-01T00:00:00.000Z" - `lastUpdatedAtTimestamp` (string, required) ISO timestamp of last update Example: "2025-01-01T00:00:00.000Z" ## Response 400 fields (application/json): - `error` (string, required) Error code that identifies the type of error. This is a stable identifier that can be used for programmatic error handling. Common codes include: - NOT_FOUND - Resource not found - VALIDATION_ERROR - Input validation failed - PERMISSION_DENIED - User lacks permission for the action - CONFLICT - Request conflicts with current resource state - UNAUTHORIZED - Authentication required - INTERNAL_SERVER_ERROR - Unexpected server error Example: "VALIDATION_ERROR" - `message` (string, required) User-friendly error message that should always be displayed to end users. This message is designed to be clear, actionable, and free of technical details. This field is always present and contains the primary message for end users. Example: "The email address you entered is not valid. Please check the format and try again." - `technicalMessage` (string) Optional technical message for developers. Contains detailed information including IDs, error codes, and technical context. Only included when it differs from the user-friendly message field. When present, developers can use this for debugging while end users should see the message field. Example: "Campaign with ID campaign_123 not found" - `details` (object) Additional error details (optional). May contain structured information about the error, such as validation field errors or additional context. - `requestId` (string) Unique request identifier for tracing. Included in X-Request-ID header and can be used to correlate errors with server logs. Example: "550e8400-e29b-41d4-a716-446655440000" - `timestamp` (string, required) ISO 8601 timestamp when the error occurred Example: "2024-01-01T00:00:00Z" ## Response 401 fields (application/json): - `error` (string, required) Error code that identifies the type of error. This is a stable identifier that can be used for programmatic error handling. Common codes include: - NOT_FOUND - Resource not found - VALIDATION_ERROR - Input validation failed - PERMISSION_DENIED - User lacks permission for the action - CONFLICT - Request conflicts with current resource state - UNAUTHORIZED - Authentication required - INTERNAL_SERVER_ERROR - Unexpected server error Example: "VALIDATION_ERROR" - `message` (string, required) User-friendly error message that should always be displayed to end users. This message is designed to be clear, actionable, and free of technical details. This field is always present and contains the primary message for end users. Example: "The email address you entered is not valid. Please check the format and try again." - `technicalMessage` (string) Optional technical message for developers. Contains detailed information including IDs, error codes, and technical context. Only included when it differs from the user-friendly message field. When present, developers can use this for debugging while end users should see the message field. Example: "Campaign with ID campaign_123 not found" - `details` (object) Additional error details (optional). May contain structured information about the error, such as validation field errors or additional context. - `requestId` (string) Unique request identifier for tracing. Included in X-Request-ID header and can be used to correlate errors with server logs. Example: "550e8400-e29b-41d4-a716-446655440000" - `timestamp` (string, required) ISO 8601 timestamp when the error occurred Example: "2024-01-01T00:00:00Z" ## Response 404 fields (application/json): - `error` (string, required) Error code that identifies the type of error. This is a stable identifier that can be used for programmatic error handling. Common codes include: - NOT_FOUND - Resource not found - VALIDATION_ERROR - Input validation failed - PERMISSION_DENIED - User lacks permission for the action - CONFLICT - Request conflicts with current resource state - UNAUTHORIZED - Authentication required - INTERNAL_SERVER_ERROR - Unexpected server error Example: "VALIDATION_ERROR" - `message` (string, required) User-friendly error message that should always be displayed to end users. This message is designed to be clear, actionable, and free of technical details. This field is always present and contains the primary message for end users. Example: "The email address you entered is not valid. Please check the format and try again." - `technicalMessage` (string) Optional technical message for developers. Contains detailed information including IDs, error codes, and technical context. Only included when it differs from the user-friendly message field. When present, developers can use this for debugging while end users should see the message field. Example: "Campaign with ID campaign_123 not found" - `details` (object) Additional error details (optional). May contain structured information about the error, such as validation field errors or additional context. - `requestId` (string) Unique request identifier for tracing. Included in X-Request-ID header and can be used to correlate errors with server logs. Example: "550e8400-e29b-41d4-a716-446655440000" - `timestamp` (string, required) ISO 8601 timestamp when the error occurred Example: "2024-01-01T00:00:00Z"