Add or promote a single access grant for a rule. Requires modify access to the rule.

## Path parameters

**`rule_id`** string required

Rule ID (prefixed with `rule_`).

## Request body

**`target_type`** string required

Scope of the grant. Values: `user`, `organization`, `department`, or `all`.

**`target_id`** string required

ID of the target entity (user ID, org ID, or department ID). Use `*` when `target_type` is `all`.

**`access_level`** string required

`view` — read-only visibility; `use` — can invoke/attach the rule; `modify` — full control.

## Returns

Returns the created or promoted grant.

Request

```bash cURL
curl -X PATCH "https://api.aitronos.com/v1/rules/rule_abc123/permissions/grant" \
  -H "Authorization: Bearer $ACCESS_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{ "target_type": "user", "target_id": "usr_abc", "access_level": "modify" }'
```


```python Python SDK
# A first-class SDK method for this endpoint is coming soon.
# In the meantime, call the endpoint directly with the SDK's HTTP client:
from aitronos import Aitronos

client = Aitronos(api_key="your-api-key")
response = client._client_wrapper.httpx_client.request(
    "rules/rule_abc123/permissions/grant",
    method="PATCH",
    json={"target_type": "user", "target_id": "usr_abc", "access_level": "modify"},
)
print(response.json())
```


```python Python
import os, requests

response = requests.patch(
    "https://api.aitronos.com/v1/rules/rule_abc123/permissions/grant",
    headers={
        "Authorization": f"Bearer {os.environ['ACCESS_TOKEN']}",
        "Content-Type": "application/json",
    },
    json={"target_type": "user", "target_id": "usr_abc", "access_level": "modify"},
)
print(response.json())
```


```javascript JavaScript
await fetch("https://api.aitronos.com/v1/rules/rule_abc123/permissions/grant", {
  method: "PATCH",
  headers: {
    Authorization: `Bearer ${process.env.ACCESS_TOKEN}`,
    "Content-Type": "application/json",
  },
  body: JSON.stringify({
    target_type: "user",
    target_id: "usr_abc",
    access_level: "modify",
  }),
});
```

Response

```json 200 OK
{
  "id": "grant_abc123",
  "target_type": "user",
  "target_id": "usr_abc",
  "access_level": "modify",
  "granted_by": "usr_owner",
  "granted_at": "2026-04-15T10:00:00Z"
}
```


```json 403 Forbidden
{
  "success": false,
  "error": {
    "code": "INSUFFICIENT_PERMISSIONS",
    "message": "You do not have permission to perform this action.",
    "system_message": "Insufficient permissions for this operation",
    "type": "authorization_error",
    "status": 403,
    "details": { "rule_id": "rule_abc123" },
    "trace_id": "req_abc123xyz",
    "timestamp": "2026-04-15T10:00:00Z"
  }
}
```

## Related Resources

- [List rule permissions](/docs/api-reference/rules/permissions-list)
- [Replace rule permissions](/docs/api-reference/rules/permissions-replace)
- [Revoke rule permission](/docs/api-reference/rules/permissions-revoke)