Scripted REST API Roles
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎05-03-2022 09:19 AM
Hi,
I would like to control the specific actions a certain 3rd party will be able to do in our instance.
I understand that the best way to do it is to created scripted REST API so i can control the actions, the request and responses.
In the scripted REST API screen and in each method, there is a field for ACL.
My question -
1. Do i need to define a certain role, assigned it to ACL and then set this ACL to the scripted Rest API Records?
2. if i assign the role to a certain user - will he be able to use my scripted REST API - or do i need to assign him roles like "snc_platform_rest_api_access" or any other out of the box role that is related to API Usage.
If anyone is familiar with relevant documentation regarding this topic it will be very helpful.
Thank you,
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎05-03-2022 09:56 AM
If you create a specific account for your REST API, you can just provide the required access roles to the user, or add the roles to a group and add the REST API user to that depending on your organizations practices.
If you provide the base roles and it doesn't work how you intend it to, you can use the "Debug Roles and Security" log to figure out any roles or permissions that are missing.
Hopefully this helps.
Cheers,
Jay
