...
The Authorization Service offers a REST-based Application Programming Interface (API) to CRUD (create, read, update and delete) operations on individual permission and role instances. These follow the Common model for CollectionSpace REST services. However, on relationships between the permissions and roles, only CRD (create, read and delete) operations are supported. Also, there are some exceptions that are documented below.
...