# createShareGrant

Source: /openapi/thomas-federated.openapi.json

## Operation

| Method | URL |
|---|---|
| POST | https://api.thomas.co/v1/share-grants |

| Field | Value |
|---|---|
| operationId | createShareGrant |
| method | POST |
| server | https://api.thomas.co/v1 |
| path | /share-grants |
| tags | `Sharing` |
| summary | Create a share grant (single recipient or team-bulk) |
| badges | None |

## Request Parameters

None.

## Request Body

| Content type | Schema refs |
|---|---|
| application/json | #/components/schemas/CreateShareGrantBodyDto |

## Responses

| Status | Description | Schema refs |
|---|---|---|
| 201 | Share grant created (single ShareGrant, or ShareGrant[] for team-bulk) | #/components/schemas/ShareGrantResponseDto |
| 400 | Invalid payload or self-share attempt | #/components/schemas/ApiErrorResponseDto |
| 401 | Invalid or missing authentication token (AUTH_TOKEN_INVALID) | #/components/schemas/ApiErrorResponseDto |
| 404 | Recipient (single mode) or team (team-bulk mode) not found | #/components/schemas/ApiErrorResponseDto |
| 409 | An active grant for this (sharer, recipient, dataType) already exists | #/components/schemas/ApiErrorResponseDto |

## Artifact Examples

### Response 400 example

```json
{
  "statusCode": 400,
  "message": "Validation failed",
  "error": "HTTP_BAD_REQUEST"
}
```

### Response 401 example

```json
{
  "statusCode": 401,
  "message": "Invalid or missing authentication token",
  "error": "AUTH_TOKEN_INVALID"
}
```

### Response 404 example

```json
{
  "statusCode": 404,
  "message": "Recipient company-individual not found in tenant",
  "error": "SHARE_RECIPIENT_NOT_FOUND"
}
```

### Response 409 example

```json
{
  "statusCode": 409,
  "message": "A conflicting share grant already exists",
  "error": "SHARE_GRANT_CONFLICT"
}
```
