Big News: Socket raises $60M Series C at a $1B valuation to secure software supply chains for AI-driven development.Announcement
Sign In

@itwin/access-control-client

Package Overview
Dependencies
Maintainers
5
Versions
30
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@itwin/access-control-client

Access control client for the iTwin platform

Source
npmnpm
Version
4.3.0
Version published
Maintainers
5
Created
Source

Access Control Client Library

npm version

A comprehensive TypeScript library for Bentley Systems' Access Control API, providing type-safe access to iTwin access management, roles, permissions, groups, and member operations.

Table of Contents

Quick Start

Get up and running with Access Control Client in just a few steps:

npm install @itwin/access-control-client

import { AccessControlClient } from "@itwin/access-control-client";

const client = new AccessControlClient();
const accessToken = "your-access-token-string";
const roles = await client.roles.getITwinRoles(accessToken, "itwin-id");
console.log(`Found ${roles.data!.length} roles`);

Installation

# Using npm
npm install @itwin/access-control-client

# Using yarn
yarn add @itwin/access-control-client

# Using pnpm
pnpm add @itwin/access-control-client

Basic Usage

Authentication

All API methods require an access token string. See the iTwin Platform documentation for authentication setup.

Environment Configuration

Configure different deployment environments using globalThis.IMJS_URL_PREFIX:

// Development environment
globalThis.IMJS_URL_PREFIX = "dev-";

// QA environment
globalThis.IMJS_URL_PREFIX = "qa-";

// Production (default)
globalThis.IMJS_URL_PREFIX = undefined;

Documentation

Core Documentation

DocumentPurpose
Getting Started GuideComplete setup and first steps
Migration Guide v3→v4Upgrading from v3.x to v4.x
Contributing GuideDevelopment and contribution workflow

API Reference

Core Classes

  • AccessControlClient - Main client for all access control operations
  • IAccessControlClient - Interface defining the client API surface

Sub-Clients

The AccessControlClient exposes the following specialized sub-clients:

Access Management

  • permissions - Query permissions across the platform and iTwins
  • roles - Manage iTwin roles (CRUD operations)

Group Management

  • groups - Manage iTwin groups (CRUD operations)
  • groupMembers - Manage members within groups
  • groupMemberInvitations - Handle group member invitation lifecycle

User Management

  • userMembers - Manage individual user members of iTwins
  • ownerMembers - Manage iTwin owner memberships
  • memberInvitations - Handle member invitation lifecycle

Advanced Operations

  • itwinJobs - Bulk operations for member management
  • itwinShares - Manage iTwin sharing and access tokens

Key Features

  • Complete CRUD operations for roles, groups, and members
  • Bulk operations via iTwin Jobs
  • Invitation management for users and groups
  • Sharing capabilities for controlled iTwin access
  • Type-safe API with full TypeScript support

Quick Reference

import { AccessControlClient } from "@itwin/access-control-client";
import type {
  BentleyAPIResponse,
  Role,
  MultipleUserMembersResponse
} from "@itwin/access-control-client";

const client = new AccessControlClient();
const accessToken = "your-access-token-string";
const iTwinId = "your-itwin-id";

// Get roles
const roles = await client.roles.getITwinRoles(accessToken, iTwinId);

// Create a role
const newRole = await client.roles.createITwinRole(accessToken, iTwinId, {
  displayName: "Project Manager",
  description: "Role for project management"
});

// Query user members
const members = await client.userMembers.queryITwinUserMembers(
  accessToken,
  iTwinId,
  { top: 10 }
);

// Add user members
const addedMembers = await client.userMembers.addITwinUserMembers(
  accessToken,
  iTwinId,
  [{
    email: "user@example.com",
    roleIds: ["role-id"]
  }],
  "Welcome message"
);

About this Repository

The @itwin/access-control-client package provides a modern, type-safe interface to Bentley Systems' Access Control API. It manages iTwin access permissions, roles, groups, members, invitations, and sharing capabilities.

For more information about the iTwin platform and APIs, visit:

Development

Prerequisites

  • Node.js 16+ and pnpm
  • TypeScript 4.5+
  • Valid iTwin Platform credentials

Building from Source

git clone https://github.com/iTwin/access-control-client.git
cd access-control-client
pnpm install
pnpm build

Running Tests

.env file setup is required for tests. View Getting Started for more information.

# Run all tests
pnpm test

# Run tests with coverage
pnpm test:coverage

# Run linting
pnpm lint

Contributing

We welcome contributions! Please see our Contributing Guide for details on:

  • How to submit issues and feature requests
  • Development workflow and coding standards
  • Pull request process and review guidelines
  • Testing requirements and conventions
  • How to use changesets for versioning

Versioning

This project uses Changesets for version management. For more information view Contributing Guide.

License

Copyright © Bentley Systems, Incorporated. All rights reserved.

This project is licensed under the MIT License - see the LICENSE.md file for details.

Keywords

Bentley
iTwin
access-control

FAQs

Package last updated on 26 Mar 2026

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

US Government Forces Anthropic to Pull Claude Fable Days After Launch

Security News

US Government Forces Anthropic to Pull Claude Fable Days After Launch

Anthropic says the directive cited national security concerns over a narrow jailbreak, but offered no specific technical details.

By Sarah Gooding  -  Jun 13, 2026