Versions Compared

Old Version 6

changes.mady.by.user Silvan Grüter

Saved on

compared with

New Version 7

changes.mady.by.user Silvan Grüter

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

In order to access the API, you will need to configure an appropriate client of the CoreOne Suite application and assign the cos_auth_api scope. Additionally you will need an appropriate user with permissions to access the data, that’s either the CoreOne Authentication Service API Read Permissions for any Application or the CoreOne Authentication Service API Read Permissions for My Application resource. Authentication then is done by passing a bearer token in each request. Also note that in order to receive the email address of a user, the client needs to have access to the email scope.

...

Code Block
{authentication service url}/api/permission?contextType=User&contextObjectIdentifier=17175&application=trusteeApp

or

Code Block
{authentication service url}/api/permission/myapplication?contextType=User&contextObjectIdentifier=17175

Property

Data Type

Example

Description

contextType

String

User

Set this to User as you are interested in representations for a user

contextObjectIdentifier

String

17175

This is dependent on how the user is stored. By default it’s the user id. But if any token transformation has been applied, this might also be the users email or any other unique attribute.

application

String

trusteeApp

The name of the application to which the permission have to belong

...

Code Block
{authentication service url}/api/permission?contextType=OrganizationUnit&contextObjectIdentifier=5445&application=trusteeApp

or

Code Block
{authentication service url}/api/permission/myapplication?contextType=OrganizationUnit&contextObjectIdentifier=5445

Property

Data Type

Example

Description

contextType

String

OrganizationUnit

Set this to User as you are interested in representations for a user

contextObjectIdentifier

String

5445

This is dependent on how the organization is stored. By default it’s the organization unit id. But if any token transformation has been applied, this might also be the companies UID or any other unique attribute.

application

String

trusteeApp

The name of the application to which the permission have to belong

...

Code Block
{authentication service url}/api/permission?application=Trustee Test Application&userSubject=c1s:17173

or

Code Block
{authentication service url}/api/permission/myapplication?userSubject=c1s:17173

Property

Data Type

Example

Description

application

String

"Trustee Test Application"

The name of the application to which the permission have to belong

userSubject

String

c1s:17173

The subject of the user. This is usually used when the user is logged in, so the subject can be taken directly from the token.