> ## Documentation Index > Fetch the complete documentation index at: https://docs.opal.dev/llms.txt > Use this file to discover all available pages before exploring further. # Put resources users > Updates a user's access level or duration on this resource. ## OpenAPI ````yaml https://app.opal.dev/openapi.yaml put /resources/{resource_id}/users/{user_id} openapi: 3.1.0 info: contact: email: hello@opal.dev name: Opal Team url: https://www.opal.dev/ description: >- The Opal API is a RESTful API that allows you to interact with the Opal Security platform programmatically. title: Opal API version: '1.0' servers: - description: Production url: https://api.opal.dev/v1 security: [] tags: - name: access-rules description: Operations related to access rules - name: apps description: Operations related to apps - name: bundles description: Operations related to bundles - name: configuration-templates description: Operations related to configuration templates - name: delegations description: Operations related to request reviewer delegations - name: events description: Operations related to events - name: groups description: Operations related to groups - name: group-bindings description: Operations related to group bindings - name: idp-group-mappings description: Operations related to IDP group mappings - name: message-channels description: Operations related to message channels - name: non-human-identities description: Operations related to non-human identities - name: on-call-schedules description: Operations related to on-call schedules - name: owners description: Operations related to owners - name: requests description: Operations related to requests - name: resources description: Operations related to resources - name: sessions description: Operations related to sessions - name: tags description: Operations related to tags - name: tokens description: Operations related to API tokens - name: uars description: Operations related to UARs - name: users description: Operations related to users paths: /resources/{resource_id}/users/{user_id}: put: tags: - resources description: Updates a user's access level or duration on this resource. operationId: update_resource_user parameters: - description: The ID of the resource. example: 4baf8423-db0a-4037-a4cf-f79c60cb67a5 in: path name: resource_id required: true schema: type: string format: uuid style: simple - description: The ID of the user whose access is being updated. example: f92aa855-cea9-4814-b9d8-f2a60d3e4a06 in: path name: user_id required: true schema: type: string format: uuid style: simple requestBody: required: true content: application/json: schema: type: object example: duration_minutes: 60 access_level_remote_id: arn:aws:iam::590304332660:role/AdministratorAccess properties: duration_minutes: description: >- The updated duration for which the resource can be accessed (in minutes). Use 0 for indefinite, or a negative value to revoke access. type: integer maximum: 525960 example: 120 access_level_remote_id: description: >- The updated remote ID of the access level granted to this user. type: string example: arn:aws:iam::590304332660:role/ReadOnlyAccess required: - duration_minutes responses: '200': description: The ResourceUser was successfully updated. content: application/json: schema: $ref: '#/components/schemas/ResourceUser' security: - BearerAuth: [] components: schemas: ResourceUser: description: >- # Resource User Object ### Description The `ResourceUser` object is used to represent a user with direct access to a resource. example: full_name: Jake Barnes user_id: 29827fb8-f2dd-4e80-9576-28e31e9934ac resource_id: 1b978423-db0a-4037-a4cf-f79c60cb67b3 expiration_date: '2022-01-23T04:56:07.000Z' email: jake@company.dev properties: resource_id: description: The ID of the resource. example: 1b978423-db0a-4037-a4cf-f79c60cb67b3 format: uuid type: string user_id: description: The ID of the user. example: 29827fb8-f2dd-4e80-9576-28e31e9934ac format: uuid type: string access_level: $ref: '#/components/schemas/ResourceAccessLevel' full_name: description: The user's full name. example: Jake Barnes type: string email: description: The user's email. example: jake@company.dev type: string expiration_date: description: The day and time the user's access will expire. example: '2022-01-23T04:56:07.000Z' format: date-time nullable: true type: string required: - email - full_name - resource_id - user_id - access_level type: object ResourceAccessLevel: description: >- # Access Level Object ### Description The `AccessLevel` object is used to represent the level of access that a principal has. The "default" access level is a `AccessLevel` object whose fields are all empty strings. ### Usage Example View the `AccessLevel` of a resource/user or resource/group pair to see the level of access granted to the resource. example: access_level_name: AdminRole access_level_remote_id: arn:aws:iam::590304332660:role/AdministratorAccess properties: access_level_name: description: The human-readable name of the access level. example: AdminRole type: string access_level_remote_id: description: The machine-readable identifier of the access level. example: arn:aws:iam::590304332660:role/AdministratorAccess type: string required: - access_level_name - access_level_remote_id type: object securitySchemes: BearerAuth: scheme: bearer type: http ````