1. Overview
These services verify if a specific user or user group can access a type or an attribute, and if the user or user group has global or catalog-specific permissions.
1.1. Version information
Version : 1.1.0
1.2. License information
License : Use of this file is subject to the terms of your agreement with SAP SE or its affiliates respecting the use of the SAP product for which this file relates.
Terms of service : null
1.3. URI scheme
Host : localhost:9001
BasePath : /permissionswebservices
1.4. Tags
-
Permissions : Manage permissions for principal
1.5. Produces
-
application/xml
-
application/json
2. Paths
2.1. Search Attributes Permissions
POST /v1/permissions/attributes/search
2.1.1. Description
Endpoint to retrieve attributes permissions for a principal. This will look in the principal hierarchy
2.1.2. Parameters
Type | Name | Description | Schema | Default |
---|---|---|---|---|
Query |
attributes |
Attribute names separated by comma. Attribute name format : ItemTypeName.AttributeName (e.g. User.name) |
string |
|
Query |
fields |
Response configuration |
string |
|
Query |
permissionNames |
Permission names separated by comma |
string |
|
Body |
principalDTO |
Principal identifier |
2.1.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
OK |
|
400 |
Bad Request e.g. incorrect parameter value |
No Content |
401 |
Unauthorized |
No Content |
403 |
Forbidden. Have no access to this endpoint or no access to principal’s permissions |
No Content |
2.1.4. Consumes
-
application/json
2.1.5. Tags
-
Permissions
2.1.6. Security
Type | Name |
---|---|
oauth2 |
|
oauth2 |
2.2. Search Catalog Permissions
POST /v1/permissions/catalogs/search
2.2.1. Description
Endpoint to retrieve catalog permissions for a principal. This will look in the principal hierarchy.
2.2.2. Parameters
Type | Name | Description | Schema | Default |
---|---|---|---|---|
Query |
catalogId |
Catalog identifiers separated by comma |
string |
|
Query |
catalogVersion |
Catalog version identifiers separated by comma |
string |
|
Query |
fields |
Response configuration |
string |
|
Body |
principalDTO |
Principal identifier |
2.2.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
OK |
|
400 |
Bad Request e.g. incorrect parameter value |
No Content |
401 |
Unauthorized |
No Content |
403 |
Forbidden. Have no access to this endpoint or no access to principal’s permissions |
No Content |
2.2.4. Consumes
-
application/json
2.2.5. Tags
-
Permissions
2.2.6. Security
Type | Name |
---|---|
oauth2 |
|
oauth2 |
2.3. Search Global Permissions
POST /v1/permissions/global/search
2.3.1. Description
Endpoint to retrieve global permissions for a principal. This will look in the principal hierarchy
2.3.2. Parameters
Type | Name | Description | Schema | Default |
---|---|---|---|---|
Query |
fields |
Response configuration |
string |
|
Query |
permissionNames |
Permission names separated by comma |
string |
|
Body |
principalDTO |
Principal identifier |
2.3.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
OK |
|
400 |
Bad Request e.g. incorrect parameter value |
No Content |
401 |
Unauthorized |
No Content |
403 |
Forbidden. Have no access to this endpoint or no access to principal’s permissions |
No Content |
2.3.4. Consumes
-
application/json
2.3.5. Tags
-
Permissions
2.3.6. Security
Type | Name |
---|---|
oauth2 |
|
oauth2 |
2.4. Get Attributes Permissions
GET /v1/permissions/principals/{principalUid}/attributes
Caution
|
operation.deprecated |
2.4.1. Description
Endpoint to retrieve attributes permissions for a principal. This will look in the principal hierarchy
2.4.2. Parameters
Type | Name | Description | Schema | Default |
---|---|---|---|---|
Path |
principalUid |
Principal identifier |
string |
|
Query |
attributes |
Attribute names separated by comma. Attribute name format : ItemTypeName.AttributeName (e.g. User.name) |
string |
|
Query |
fields |
Response configuration |
string |
|
Query |
permissionNames |
Permission names separated by comma |
string |
2.4.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
OK |
|
400 |
Bad Request e.g. incorrect parameter value |
No Content |
401 |
Unauthorized |
No Content |
403 |
Forbidden. Have no access to this endpoint or no access to principal’s permissions |
No Content |
2.4.4. Tags
-
Permissions
2.4.5. Security
Type | Name |
---|---|
oauth2 |
|
oauth2 |
2.5. Get Catalog Permissions
GET /v1/permissions/principals/{principalUid}/catalogs
Caution
|
operation.deprecated |
2.5.1. Description
Endpoint to retrieve catalog permissions for a principal. This will look in the principal hierarchy.
2.5.2. Parameters
Type | Name | Description | Schema | Default |
---|---|---|---|---|
Path |
principalUid |
Principal identifier |
string |
|
Query |
catalogId |
Catalog identifiers separated by comma |
string |
|
Query |
catalogVersion |
Catalog version identifiers separated by comma |
string |
|
Query |
fields |
Response configuration |
string |
|
2.5.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
OK |
|
400 |
Bad Request e.g. incorrect parameter value |
No Content |
401 |
Unauthorized |
No Content |
403 |
Forbidden. Have no access to this endpoint or no access to principal’s permissions |
No Content |
2.5.4. Tags
-
Permissions
2.5.5. Security
Type | Name |
---|---|
oauth2 |
|
oauth2 |
2.6. Get Global Permissions
GET /v1/permissions/principals/{principalUid}/global
Caution
|
operation.deprecated |
2.6.1. Description
Endpoint to retrieve global permissions for a principal. This will look in the principal hierarchy
2.6.2. Parameters
Type | Name | Description | Schema | Default |
---|---|---|---|---|
Path |
principalUid |
Principal identifier |
string |
|
Query |
fields |
Response configuration |
string |
|
Query |
permissionNames |
Permission names separated by comma |
string |
2.6.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
OK |
|
400 |
Bad Request e.g. incorrect parameter value |
No Content |
401 |
Unauthorized |
No Content |
403 |
Forbidden. Have no access to this endpoint or no access to principal’s permissions |
No Content |
2.6.4. Tags
-
Permissions
2.6.5. Security
Type | Name |
---|---|
oauth2 |
|
oauth2 |
2.7. Get Types Permissions
GET /v1/permissions/principals/{principalUid}/types
Caution
|
operation.deprecated |
2.7.1. Description
Endpoint to retrieve types permissions for a principal. This will look in the principal hierarchy
2.7.2. Parameters
Type | Name | Description | Schema | Default |
---|---|---|---|---|
Path |
principalUid |
Principal identifier |
string |
|
Query |
fields |
Response configuration |
string |
|
Query |
permissionNames |
Permission names separated by comma |
string |
|
Query |
types |
Type names separated by comma |
string |
2.7.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
OK |
|
400 |
Bad Request e.g. incorrect parameter value |
No Content |
401 |
Unauthorized |
No Content |
403 |
Forbidden. Have no access to this endpoint or no access to principal’s permissions |
No Content |
2.7.4. Tags
-
Permissions
2.7.5. Security
Type | Name |
---|---|
oauth2 |
|
oauth2 |
2.8. Insert or Update Type Permissions
PUT /v1/permissions/types
2.8.1. Description
Endpoint to insert or update permissions of one or more types for a principal.
2.8.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Body |
permissionsList |
Permission list |
2.8.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
OK |
|
400 |
Bad Request e.g. incorrect parameter value |
No Content |
401 |
Unauthorized |
No Content |
403 |
Forbidden. Have no access to this endpoint or no access to principal’s permissions |
No Content |
2.8.4. Consumes
-
application/json
2.8.5. Produces
-
application/json
2.8.6. Tags
-
Permissions
2.8.7. Security
Type | Name |
---|---|
oauth2 |
|
oauth2 |
2.9. Search Types Permissions
POST /v1/permissions/types/search
2.9.1. Description
Endpoint to retrieve types permissions for a principal. This will look in the principal hierarchy
2.9.2. Parameters
Type | Name | Description | Schema | Default |
---|---|---|---|---|
Query |
fields |
Response configuration |
string |
|
Query |
permissionNames |
Permission names separated by comma |
string |
|
Query |
types |
Type names separated by comma |
string |
|
Body |
principalDTO |
Principal identifier |
2.9.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
OK |
|
400 |
Bad Request e.g. incorrect parameter value |
No Content |
401 |
Unauthorized |
No Content |
403 |
Forbidden. Have no access to this endpoint or no access to principal’s permissions |
No Content |
2.9.4. Consumes
-
application/json
2.9.5. Tags
-
Permissions
2.9.6. Security
Type | Name |
---|---|
oauth2 |
|
oauth2 |
3. Definitions
3.1. CatalogPermissions
Permissions for catalog
Name | Description | Schema |
---|---|---|
catalogId |
Catalog identifier |
string |
catalogVersion |
Catalog version identifier |
string |
permissions |
Permissions map |
< string, string > map |
syncPermissions |
Sync Permissions list |
< SyncPermissions > array |
3.2. CatalogPermissionsList
Catalog permissions list
Name | Schema |
---|---|
permissionsList |
< CatalogPermissions > array |
3.3. PermissionValues
CRUD permission values for any specific principal and type.
Name | Description | Schema |
---|---|---|
change |
Specifies if permission to update the type should be granted. |
boolean |
changerights |
Specifies if permission to change permissions on the type should be granted. |
boolean |
create |
Specifies if permission to create the type should be granted. |
boolean |
read |
Specifies if permission to read the type should be granted. |
boolean |
remove |
Specifies if permission to delete the type should be granted. |
boolean |
3.4. Permissions
Permissions for principal
Name | Description | Schema |
---|---|---|
id |
Principal identifier |
string |
permissions |
Permissions map. |
< string, string > map |
3.6. PermissionsPrincipal
Principal DTO
Name | Description | Schema |
---|---|---|
principalUid |
Principal identifier |
string |
3.7. SyncPermissions
Sync permission
Name | Schema |
---|---|
canSynchronize |
boolean |
targetCatalogVersion |
string |
3.8. TypePermissions
Type with CRUD permission assignment values.
Name | Description | Schema |
---|---|---|
permissions |
Type with CRUD permission assignment values. |
|
type |
A Type specifying which type the permission assignment values are for. |
string |
3.9. TypePermissionsList
List type of permissions for any specific principal.
Name | Description | Schema |
---|---|---|
permissionsList |
List type of permissions for any specific principal. |
< TypePermissions > array |
principalUid |
ID of the principal to replace the permissions |
string |
4. Security
4.1. oauth2_client_credentials
Type : oauth2
Flow : application
Token URL : /authorizationserver/oauth/token
Name |
---|
permissionswebservices |
4.2. oauth2_password
Type : oauth2
Flow : password
Token URL : /authorizationserver/oauth/token
Name |
---|
permissionswebservices |