SOAP API - isActionAuthorised

• scope: If scope is not specified, authorization is tested against the organization model, rather than a scoped entity.
• scope.entity-type: For information about organizational entity scope, see Scope of System Actions.
• scope.guid: Can be obtained from getOrgModel or findResources.
• action: The application component to which the system action belongs, as well as the name of the system action. The component must be passed as all uppercase. For a list of the available components and system actions, see System Actions.

Note that if multiple system actions are passed in the request, a results of:

• true means that the caller is authorized to perform all of the specified actions.
• false means that the caller is authorized to perform some, or none, of the specified actions.

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:sec="http://security.api.de.n2.tibco.com">
   <soapenv:Header/>
   <soapenv:Body>
      <sec:isActionAuthorised fault-on-unauthorised="false">
         <scope model-version="-1" entity-type="POSITION" guid="_9y7hYMpREd64gM7QE8RwxA" /> -->
         <action component="BRM" name="viewWorkList"/>
      </sec:isActionAuthorised>
   </soapenv:Body>
</soapenv:Envelope>

<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
   <SOAP-ENV:Header/>
   <SOAP-ENV:Body>
      <isActionAuthorisedResponse overall="true" xmlns="http://security.api.de.n2.tibco.com">
         <scope entity-type="POSITION" guid="_9y7hYMpREd64gM7QE8RwxA" model-version="-1" xmlns="" xmlns:sec="http://security.api.de.n2.tibco.com" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"/>
         <action authorised="true" component="BRM" name="viewWorkList" xmlns=""/>
      </isActionAuthorisedResponse>
   </SOAP-ENV:Body>
</SOAP-ENV:Envelope>