REST API - isActionAuthorised

The table summarizes the REST API - isActionAuthorised.

Request

Format 
GET <baseurl>/security/authorised/<component>/<action>
Path parameters
  • component: Identifier of the application component to which the named system action belongs. It must be in capitals. See System Actions.
  • action: For a definition of the system action, see System Actions.
Query parameters
  • version=int (optional, default=-1): Major version number of the organization model in which an organization model entity resides. If not specified, the default value will be the latest version of the organization model.
  • performerentitytype=string (optional): Enumerated value defining the type of the organization model entity.
  • performerentityguid=string (optional): Globally unique ID of the organization model entity. (Although this value is unique across all entities, if the entity exists within more than one major version, it will share the same GUID.).
  • scopeentitytype=int (optional, default=-1): Enumerated value defining the scope of the organization model entity. For information about organizational entity scope, see Scope of System Actions.
  • scopeentityguid=int (optional, default=-1): Globally unique ID of the organization model entity. (Although this value is unique across all entities, if the entity exists within more than one major version, it will share the same GUID.) Can be obtained from getOrgModel or findResources.
  • faultonauthorised=boolean (optional, default=false): Boolean value indicating whether a service fault should be raised if any of the queried system actions are not authorised. If "false" , an un-authorized system action will be reported in the response.

Response

JSON Returns a JSON representation of the content of the isActionAuthorisedResponse element.
XML Returns the content of the isActionAuthorisedResponse element (from the SecurityService schema).

Note that if multiple system actions are passed in the request, a results of:

  • true means that the caller is authorized to perform all of the specified actions.
  • false means that the caller is authorized to perform some, or none, of the specified actions.

Example

Request 
GET <baseurl>/security/authorised/DE/browseModel
Response 
 <?xml version="1.0" encoding="UTF-8"?>
    <xml-fragment overall="true">
    <scope xsi:nil="true" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"/>
    <action component="DE" name="browseModel" authorised="true"/>
    </xml-fragment>