# User permissions ### User Activity and Data Policies The actions that a user is allowed to take and the data they are able to retrieve via the Rightsline API are determined by the permissions granted to them by the Activity and Data Policies that are assigned to them. The same actions and data that are available through the Rightsline application for a user are available when calling the API. {% hint style="info" %} A read-only user will be able to access endpoints via the GET method to retrieve records and relationships, but will not be able to create or update records via the POST and PUT methods. Read-only users would also have permission to POST to the /search endpoints to retrieve records and relationships. {% endhint %} --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://api-docs.rightsline.com/authentication/user-permissions.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.