1. Overview

These services verify if a specific user or user group can access a type or an attribute, and if the user or user group has global or catalog-specific permissions.

1.1. Version information

Version : 1.1.0

1.2. License information

License : Use of this file is subject to the terms of your agreement with SAP SE or its affiliates respecting the use of the SAP product for which this file relates.
Terms of service : null

1.3. URI scheme

Host : localhost:9001
BasePath : /permissionswebservices

1.4. Tags

  • Permissions : Manage permissions for principal

1.5. Produces

  • application/xml

  • application/json

2. Paths

2.1. Search Attributes Permissions

POST /v1/permissions/attributes/search

2.1.1. Description

Endpoint to retrieve attributes permissions for a principal. This will look in the principal hierarchy

2.1.2. Parameters

Type Name Description Schema Default

Query

attributes
required

Attribute names separated by comma. Attribute name format : ItemTypeName.AttributeName (e.g. User.name)

string

Query

fields
optional

Response configuration

string

"DEFAULT"

Query

permissionNames
required

Permission names separated by comma

string

Body

principalDTO
required

Principal identifier

PermissionsPrincipal

2.1.3. Responses

HTTP Code Description Schema

200

OK

PermissionsList

400

Bad Request e.g. incorrect parameter value

No Content

401

Unauthorized

No Content

403

Forbidden. Have no access to this endpoint or no access to principal’s permissions

No Content

2.1.4. Consumes

  • application/json

2.1.5. Tags

  • Permissions

2.1.6. Security

Type Name

oauth2

oauth2_client_credentials

oauth2

oauth2_password

2.2. Search Catalog Permissions

POST /v1/permissions/catalogs/search

2.2.1. Description

Endpoint to retrieve catalog permissions for a principal. This will look in the principal hierarchy.

2.2.2. Parameters

Type Name Description Schema Default

Query

catalogId
required

Catalog identifiers separated by comma

string

Query

catalogVersion
required

Catalog version identifiers separated by comma

string

Query

fields
optional

Response configuration

string

"DEFAULT"

Body

principalDTO
required

Principal identifier

PermissionsPrincipal

2.2.3. Responses

HTTP Code Description Schema

200

OK

CatalogPermissionsList

400

Bad Request e.g. incorrect parameter value

No Content

401

Unauthorized

No Content

403

Forbidden. Have no access to this endpoint or no access to principal’s permissions

No Content

2.2.4. Consumes

  • application/json

2.2.5. Tags

  • Permissions

2.2.6. Security

Type Name

oauth2

oauth2_client_credentials

oauth2

oauth2_password

2.3. Search Global Permissions

POST /v1/permissions/global/search

2.3.1. Description

Endpoint to retrieve global permissions for a principal. This will look in the principal hierarchy

2.3.2. Parameters

Type Name Description Schema Default

Query

fields
optional

Response configuration

string

"DEFAULT"

Query

permissionNames
required

Permission names separated by comma

string

Body

principalDTO
required

Principal identifier

PermissionsPrincipal

2.3.3. Responses

HTTP Code Description Schema

200

OK

Permissions

400

Bad Request e.g. incorrect parameter value

No Content

401

Unauthorized

No Content

403

Forbidden. Have no access to this endpoint or no access to principal’s permissions

No Content

2.3.4. Consumes

  • application/json

2.3.5. Tags

  • Permissions

2.3.6. Security

Type Name

oauth2

oauth2_client_credentials

oauth2

oauth2_password

2.4. Get Attributes Permissions

GET /v1/permissions/principals/{principalUid}/attributes
Caution

operation.deprecated

2.4.1. Description

Endpoint to retrieve attributes permissions for a principal. This will look in the principal hierarchy

2.4.2. Parameters

Type Name Description Schema Default

Path

principalUid
required

Principal identifier

string

Query

attributes
required

Attribute names separated by comma. Attribute name format : ItemTypeName.AttributeName (e.g. User.name)

string

Query

fields
optional

Response configuration

string

"DEFAULT"

Query

permissionNames
required

Permission names separated by comma

string

2.4.3. Responses

HTTP Code Description Schema

200

OK

PermissionsList

400

Bad Request e.g. incorrect parameter value

No Content

401

Unauthorized

No Content

403

Forbidden. Have no access to this endpoint or no access to principal’s permissions

No Content

2.4.4. Tags

  • Permissions

2.4.5. Security

Type Name

oauth2

oauth2_client_credentials

oauth2

oauth2_password

2.5. Get Catalog Permissions

GET /v1/permissions/principals/{principalUid}/catalogs
Caution

operation.deprecated

2.5.1. Description

Endpoint to retrieve catalog permissions for a principal. This will look in the principal hierarchy.

2.5.2. Parameters

Type Name Description Schema Default

Path

principalUid
required

Principal identifier

string

Query

catalogId
required

Catalog identifiers separated by comma

string

Query

catalogVersion
required

Catalog version identifiers separated by comma

string

Query

fields
optional

Response configuration

string

"DEFAULT"

2.5.3. Responses

HTTP Code Description Schema

200

OK

CatalogPermissionsList

400

Bad Request e.g. incorrect parameter value

No Content

401

Unauthorized

No Content

403

Forbidden. Have no access to this endpoint or no access to principal’s permissions

No Content

2.5.4. Tags

  • Permissions

2.5.5. Security

Type Name

oauth2

oauth2_client_credentials

oauth2

oauth2_password

2.6. Get Global Permissions

GET /v1/permissions/principals/{principalUid}/global
Caution

operation.deprecated

2.6.1. Description

Endpoint to retrieve global permissions for a principal. This will look in the principal hierarchy

2.6.2. Parameters

Type Name Description Schema Default

Path

principalUid
required

Principal identifier

string

Query

fields
optional

Response configuration

string

"DEFAULT"

Query

permissionNames
required

Permission names separated by comma

string

2.6.3. Responses

HTTP Code Description Schema

200

OK

Permissions

400

Bad Request e.g. incorrect parameter value

No Content

401

Unauthorized

No Content

403

Forbidden. Have no access to this endpoint or no access to principal’s permissions

No Content

2.6.4. Tags

  • Permissions

2.6.5. Security

Type Name

oauth2

oauth2_client_credentials

oauth2

oauth2_password

2.7. Get Types Permissions

GET /v1/permissions/principals/{principalUid}/types
Caution

operation.deprecated

2.7.1. Description

Endpoint to retrieve types permissions for a principal. This will look in the principal hierarchy

2.7.2. Parameters

Type Name Description Schema Default

Path

principalUid
required

Principal identifier

string

Query

fields
optional

Response configuration

string

"DEFAULT"

Query

permissionNames
required

Permission names separated by comma

string

Query

types
required

Type names separated by comma

string

2.7.3. Responses

HTTP Code Description Schema

200

OK

PermissionsList

400

Bad Request e.g. incorrect parameter value

No Content

401

Unauthorized

No Content

403

Forbidden. Have no access to this endpoint or no access to principal’s permissions

No Content

2.7.4. Tags

  • Permissions

2.7.5. Security

Type Name

oauth2

oauth2_client_credentials

oauth2

oauth2_password

2.8. Insert or Update Type Permissions

PUT /v1/permissions/types

2.8.1. Description

Endpoint to insert or update permissions of one or more types for a principal.

2.8.2. Parameters

Type Name Description Schema

Body

permissionsList
required

Permission list

TypePermissionsList

2.8.3. Responses

HTTP Code Description Schema

200

OK

TypePermissionsList

400

Bad Request e.g. incorrect parameter value

No Content

401

Unauthorized

No Content

403

Forbidden. Have no access to this endpoint or no access to principal’s permissions

No Content

2.8.4. Consumes

  • application/json

2.8.5. Produces

  • application/json

2.8.6. Tags

  • Permissions

2.8.7. Security

Type Name

oauth2

oauth2_client_credentials

oauth2

oauth2_password

2.9. Search Types Permissions

POST /v1/permissions/types/search

2.9.1. Description

Endpoint to retrieve types permissions for a principal. This will look in the principal hierarchy

2.9.2. Parameters

Type Name Description Schema Default

Query

fields
optional

Response configuration

string

"DEFAULT"

Query

permissionNames
required

Permission names separated by comma

string

Query

types
required

Type names separated by comma

string

Body

principalDTO
required

Principal identifier

PermissionsPrincipal

2.9.3. Responses

HTTP Code Description Schema

200

OK

PermissionsList

400

Bad Request e.g. incorrect parameter value

No Content

401

Unauthorized

No Content

403

Forbidden. Have no access to this endpoint or no access to principal’s permissions

No Content

2.9.4. Consumes

  • application/json

2.9.5. Tags

  • Permissions

2.9.6. Security

Type Name

oauth2

oauth2_client_credentials

oauth2

oauth2_password

3. Definitions

3.1. CatalogPermissions

Permissions for catalog

Name Description Schema

catalogId
required

Catalog identifier

string

catalogVersion
required

Catalog version identifier

string

permissions
optional

Permissions map

< string, string > map

syncPermissions
optional

Sync Permissions list

< SyncPermissions > array

3.2. CatalogPermissionsList

Catalog permissions list

Name Schema

permissionsList
optional

< CatalogPermissions > array

3.3. PermissionValues

CRUD permission values for any specific principal and type.

Name Description Schema

change
optional

Specifies if permission to update the type should be granted.

boolean

changerights
optional

Specifies if permission to change permissions on the type should be granted.

boolean

create
optional

Specifies if permission to create the type should be granted.

boolean

read
optional

Specifies if permission to read the type should be granted.

boolean

remove
optional

Specifies if permission to delete the type should be granted.

boolean

3.4. Permissions

Permissions for principal

Name Description Schema

id
required

Principal identifier

string

permissions
optional

Permissions map.

< string, string > map

3.5. PermissionsList

List of permissions

Name Schema

permissionsList
optional

< Permissions > array

3.6. PermissionsPrincipal

Principal DTO

Name Description Schema

principalUid
required

Principal identifier

string

3.7. SyncPermissions

Sync permission

Name Schema

canSynchronize
optional

boolean

targetCatalogVersion
optional

string

3.8. TypePermissions

Type with CRUD permission assignment values.

Name Description Schema

permissions
required

Type with CRUD permission assignment values.

PermissionValues

type
required

A Type specifying which type the permission assignment values are for.

string

3.9. TypePermissionsList

List type of permissions for any specific principal.

Name Description Schema

permissionsList
required

List type of permissions for any specific principal.

< TypePermissions > array

principalUid
required

ID of the principal to replace the permissions

string

4. Security

4.1. oauth2_client_credentials

Type : oauth2
Flow : application
Token URL : /authorizationserver/oauth/token

Name

permissionswebservices

4.2. oauth2_password

Type : oauth2
Flow : password
Token URL : /authorizationserver/oauth/token

Name

permissionswebservices