# updatePermissions The ‎`updatePermissions()` operation lets you change what an account or identifier is allowed to do on the Keeta Network. Use it to grant, restrict, or remove access to specific token-related actions for a given account. ```typescript userClient.updatePermissions( targetAccount, new Client.lib.Permissions([ "ACCESS", "ADMIN", // ...add or remove permissions as needed ]), tokenAccount, Client.lib.Block.AdjustMethod.SET, // Optional: SET (default), ADD, or SUBTRACT { account: tokenAccount } // Optional: options ) ``` *targetAccount*: The account to update permissions for. *permissions*: The new permissions to assign, as a ‎\`Permissions\` object. *tokenAccount*: The token (public address) these permissions relate to. *method* (optional): How to update permissions (‎\`SET\`, ‎\`ADD\`, or ‎\`SUBTRACT\`). *options* (optional): Additional settings (e.g. which account is performing the update). ## When to Use * Grant new permissions to an account for a specific token. * Remove or revoke existing permissions from an account. * Change roles or access after onboarding, role changes, or security reviews. * Respond to organizational changes or update access control policies. * Maintain secure and flexible token operations on the network. ## Permission Types Specify any combination of permission strings as defined in the SDK. For the complete list and descriptions, refer to the [static documentation](https://static.test.keeta.com/docs/enums/KeetaNetSDK.Referenced.BaseFlag.html#permission_delegate_add). ## Requirements To update permissions, the calling account must have the ‎`ACCESS` right on the token. Additionally, the account must either be an ‎`ADMIN` or have the ‎`PERMISSION_DELEGATE_ADD` permission. ## Code Example: How to Remove ACCESS Permission from an Account {% stepper %} {% step %} ### Identify the Target Account and Token Decide which account should lose access (‎`accountToDenyAccess`) and the token (‎`tokenAccount`) this affects. ```typescript // Example dummy public keys (replace with real ones in production) const accountToDenyAccess = "kta_1dummyaccountpublickeyxxxxxxxxxxxxxxxxxxxxxxxxxxxx"; const tokenAccount = "kta_1dummytokenpublickeyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy"; ``` {% endstep %} {% step %} ### Prepare the Permissions Object Create a ‎`Permissions` object with the permission you want to remove. ```typescript const permissionsToRemove = new Client.lib.Permissions(["ACCESS"]); ``` {% endstep %} {% step %} ### Call updatePermissions with the SUBSTRACT method Use the ‎`SUBTRACT` method to remove the permission. ```typescript userClient.updatePermissions( accountToDenyAccess, permissionsToRemove, tokenAccount, Client.lib.Block.AdjustMethod.SUBTRACT, { account: tokenAccount } ); ``` {% hint style="info" %} If you wanted to add a permission instead, use the ‎`Client.lib.Block.AdjustMethod.ADD` and to set it `Client.lib.Block.AdjustMethod.SET`. {% endhint %} {% endstep %} {% step %} ### Confirm the Update Wait for confirmation on the network to ensure the permission has been removed. {% hint style="warning" %} The account performing this operation must have ‎`ACCESS` and either ‎`ADMIN` or ‎`PERMISSION_DELEGATE_ADD` rights on the token. {% endhint %} {% endstep %} {% endstepper %} --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.keeta.com/components/blocks/operations/updatepermissions.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.