From b51e36d2c180047d01723ea6c6ad04413bf77e98 Mon Sep 17 00:00:00 2001
From: Ciotka Cierpienia <knapik.kinga@gmail.com>
Date: Thu, 12 Dec 2024 13:41:55 +0100
Subject: [PATCH] ref #25818 add information about connection between user
 roles and API keys

---
 docs/panel/user-roles.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/docs/panel/user-roles.md b/docs/panel/user-roles.md
index 7a897f24..0573a1c4 100644
--- a/docs/panel/user-roles.md
+++ b/docs/panel/user-roles.md
@@ -76,6 +76,10 @@ To manage user roles, navigate to the dedicated **User Roles** section within th
 
 ![](images/user-roles/assign_role.png){: .border}
 
+!!! warning
+    User roles will also restrict the API keys owned by that user (both global and scoped) to ensure that users have only access to the types and objects they should have access to.
+    If the user has generated the scoped API key before the admin assigned the role, the key will lose access to types not included in the role.
+
 ## Custom User Roles
 
 !!! note