View path-based ACLs from REST API Explorer

  • Release version: Australia
  • Updated March 12, 2026
  • 1 minute to read

    • Path-based Access Control Levels (ACLs) enable you to define access control rules for scripted REST API endpoints using their resource path. This can be done independently of the ACL references on the operation record. Path-based ACLs enable more flexible security configurations, especially for read-only APIs and guest user experiences.

    Before you begin

    Role required: admin

    Procedure

    1. Navigate to All > REST API Explorer
    2. Locate your API and expand the methods.
    3. Select the menu icon ().
    4. Select View Resource ACLs.
    5. Review the list of path-based ACLs protecting that endpoint.

      ACL interaction rules include:

      • No Overriding: Path-based ACLs do override operation-referenced ACLs or other path-based ACLs.
      • Owner Control: If the API owner has restrictive ACLs, your path-based ACLs can’t bypass them.