# Create Permission
`POST /permissions`
Creates a permission that allows certain specified operations to be executed. Response is either the permission object itself (success) or a reason why it was not possible to create the permission (failure).
{% hint style="info" %}
* User action signature required. See [User Action Signing](https://docs-legacy.dfns.co/d/api-docs/authentication/user-action-signing) for more information.
* Request headers required. See [Request Headers](https://docs-legacy.dfns.co/d/advanced-topics/authentication/request-headers) for more information.
* Authentication required. See [Authentication Headers](https://docs-legacy.dfns.co/d/advanced-topics/authentication/request-headers#authentication-headers) for more information.
{% endhint %}
## Required Permissions
| Name | Conditions |
| -------------------- | --------------- |
| `Permissions:Create` | Always Required |
## Request body
In the **request body** specify the **permisison name**, as well as a list of **operations** that this permission will allow.
property
Type - Required
Description
name
String -Required
Name of the permission.
operations
String Array - Required
List of allowed operations. This this list for all the available operations.
### Request example
```JSON
{
"name": "US Perms",
"operations": ["Wallets:Read", "Wallets:Create"]
}
```
## Response
### Response example
```json
// permission
{
"id": "pm-orange-apple-2b17a80613",
"name": "US Perms",
"operations": ["Wallets:Read", "Wallets:Create"],
"status": "Active",
"isImmutable": false,
"dateCreated": "2022-10-26T08:30:25.348Z",
"dateUpdated": "2022-10-26T08:30:25.348Z",
"isArchived": false
}
```
## Notes
A permission name cannot be an empty string and a permission must have at least one operation specified.
A permission name is the unique identifier of a permission created in your organization. Therefore, multiple permissions with the same name cannot exist. If a permission has been archived, its name is still considered as taken.