Working with Authorizations

Authorization Policies allow you to control access to Queries, Actions, and Views by specifying who can interact with these elements based on various criteria. In these modules, you will find an Authorization section that allows you to specify how and when users can interact with the API or functionality. Below, you'll find detailed instructions on how to configure each type of Authorization Policy.

Steps to Define an Authorization Policy

  1. Navigate to the Authorization Section

    • Within the Query, Action, or View module, locate the Authorization section.

  2. Select an Authorization Policy

    • Choose the desired Authorization Policy from the dropdown list. The available options are:

      • Anonymous

      • Anonymous or Authenticated User

      • Only Authenticated User

      • Demand User Role

      • Demand Entity Role

      • Demand User Permission

      • Demand Entity Permission

      • Demand Entity Owner

  3. Configure the Selected Authorization Policy

    • Depending on the selected Authorization Policy, additional fields may need to be filled out. Below are the details for each policy:

      • Anonymous Access

        • Note: No additional fields are required for this policy.

      • Anonymous or Authenticated User

        • Note: No additional fields are required for this policy.

      • Only Authenticated User

        • Note: No additional fields are required for this policy.

      • Demand User Role

        • Additional Fields to fill:

          1. Role: Specify the role required for access from the list of roles defined on the system.

      • Demand Entity Role

        • Additional Fields to fill:

          1. Role: Specify the role required for access to the entity from the list of roles defined on the system.

          2. Entity: Identify the specific entity related to the role from the list of entities defined on the system.

          3. Record ID: Provide the unique ID of the entity record if enforcing the policy at the record level.

      • Demand User Permission

        • Additional Fields to fill:

          1. Permission: Specify the permission required for access from the list of permissions defined on the system.

      • Demand Entity Permission

        • Additional Fields to fill:

          1. Permission: Specify the permission required for access to the entity from the list of permissions defined on the system.

          2. Entity: Identify the specific entity related to the permission from the list of entities defined on the system.

          3. Record ID: Provide the unique ID of the entity record if enforcing the policy at the record level.

      • Demand Entity Owner

        • Additional Fields to fill:

          1. Entity: Identify the specific entity to enforce ownership.

          2. Record ID: Provide the unique ID of the entity record to enforce the owner’s access.

  4. Save the Authorization Policy

    • After configuring the necessary fields based on your selected policy, click Save to apply the policy to the Query, Action, or View.

PreviousAuthorization BasicsNextView Basics

Last updated