diff --git a/docs/assets/images/api/api_roles.png b/docs/assets/images/api/api_roles.png new file mode 100644 index 0000000..647ff0d Binary files /dev/null and b/docs/assets/images/api/api_roles.png differ diff --git a/docs/assets/images/api/api_roles_2.png b/docs/assets/images/api/api_roles_2.png new file mode 100644 index 0000000..c13b646 Binary files /dev/null and b/docs/assets/images/api/api_roles_2.png differ diff --git a/docs/extend/api.md b/docs/extend/api.md index 07b62d8..6f439ee 100644 --- a/docs/extend/api.md +++ b/docs/extend/api.md @@ -75,4 +75,30 @@ headers = { 'AUTHORIZATION': f'Token {token}' } response = request.get('http://localhost:8080/api/part/', data=data, headers=headers) -``` \ No newline at end of file +``` + +## Authorization + +### User Roles + +Users can only perform REST API actions which align with their assigned [role permissions](../../admin/permissions/#roles). +Once a user has *authenticated* via the API, a list of the available roles can be retrieved from: + +`/api/user/roles/` + +For example, when accessing the API from a *superuser* account: + +{% with id="api_roles", url="api/api_roles.png", description="API superuser roles" %} +{% include 'img.html' %} +{% endwith %} + +Or, when accessing the API from an account which has read-only permissions: + +{% with id="api_roles_2", url="api/api_roles_2.png", description="API user roles" %} +{% include 'img.html' %} +{% endwith %} + +### Permission Denied + +If an API action outside of the user's role(s) is attempted, the server will respond with a 403 permission error message. + diff --git a/docs/releases/0.1.7.md b/docs/releases/0.1.7.md index 513abcd..785a148 100644 --- a/docs/releases/0.1.7.md +++ b/docs/releases/0.1.7.md 
@@ -31,7 +31,7 @@ Label printing functionality has been simplified and brought into line with the ### API Permissions -[#1363](https://github.com/inventree/InvenTree/pull/1363) enforces user role permissions onto the REST API endpoints. Authenticated users can now only perform REST actions which align with their allocated role(s). +[#1363](https://github.com/inventree/InvenTree/pull/1363) enforces user role permissions onto the REST API endpoints. Authenticated users can now only perform REST actions which align with their allocated role(s). Refer to the [API documentation](../../extend/api/#authorization) for further information. ## Major Bug Fixes | PR | Description |
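Review bot: The new `### Permission Denied` subsection in the docs/extend/api.md hunk only says the server responds with "a 403 permission error message"; a short example of the actual response (status line plus the JSON body the server returns) would let client authors match on it, and the `/api/user/roles/` endpoint is documented solely through two PNG screenshots, so a text excerpt of the returned JSON for the superuser and read-only cases would make the page searchable and accessible. Separately, the unchanged example just above the new section calls `request.get(..., data=data, ...)`; that should read `requests.get`, and a GET normally carries its parameters via `params=` rather than `data=`, which is worth fixing while this file is being edited.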
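Review bot: The cross-reference `../../extend/api/#authorization` added in the docs/releases/0.1.7.md hunk matches the new `## Authorization` heading introduced in docs/extend/api.md in this same patch, so the link resolves; consider also stating in the release note itself that requests outside a user's roles now receive a 403 response, since an existing API client that previously relied on token authentication alone will start failing after the upgrade and this one-line entry is the only place an upgrader will see that change.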