Changes the features that a target client has by overwriting the old feature list. This API call may only be made by the client's owner. The owner client may not remove the owner feature from itself.

Note. You may assign more that one owner client.

This method includes the following endpoints:

  • POST



This endpoint supports Basic authentication. 

How to Create an Authentication String

Base URL

The base URL for this endpoint is your Janrain Capture domain; for example:


Your Capture domains (also known as Registration domains) can be found in the Janrain Console on the Manage Application page:


Example Request

Overwrite the old features list for the client with ID value 67890fghij67890fghij with a list consisting of the single value owner.

curl -X POST \
    -H "Authorization: Basic aW1fYV...NfbXk="\
    --data-urlencode for_client_id=67890fghij67890fghij \
    --data-urlencode features='["owner"]'\
      Running this command in Postman

Authorized Clients

  • owner


  •  janrain-signed
  •  basic-auth

Query Parameters

Parameter Type Required Description
for_client_id string Client ID for the client being modified. If this parameter is not present, feature sets are updated on the owner client.
features string Yes JSON array of features being assigned to the client. Allowed values are:
  • owner. Complete admin access.
  • access_issuer. Can issue access tokens for other clients.
  • direct_read_access. Has read access to all records.
  • direct_access. Has read and write access to all records.
  • login_client. Creates a read-only client for logging users into your website or application. This prevents malicious users from gaining access to your owner client ID. See API Clients and Permissions for more details.
Note. Clients with the direct_read_access and direct_access features are still subject to the access schemas. For example, if a client has a write access schema defined, the client can write to the "foo" attribute only if it exists in the access schema and the client has the direct_access feature. The direct_access feature implies the direct_read_access feature.


200 OK

Example Error Response

  "argument_name": "features",
  "request_id": "at86pruhzayqxapr",
  "code": 200,
  "error_description": "features was not valid for the following reason:
    ninja_superuser is not a valid feature name",
  "error": "invalid_argument",
  "stat": "error"

Response Example (application/json)

  "stat": "ok"