Added identity providers —
Check the API reference
LogoLogo
Other APIsChangelog
  • Welcome to Provisioning API
  • Getting started
    • API specification
    • Authorization
    • Applications
  • API reference
    • API credentials
      • The API credential object
      • Create an API credential
      • List all API credentials
      • Retrieve an API credential
      • Update an API credential
      • Delete an API credential
    • Application memberships
      • The application membership object
      • Create an application membership
      • List all application memberships
      • Retrieve an application membership
      • Update an application membership
      • Delete an application membership
    • Identity providers
      • The identity provider object
      • Create an identity provider
      • List all identity providers
      • Retrieve an identity provider
      • Update an identity provider
      • Delete an identity provider
    • Memberships
      • The membership object
      • Create a membership
      • List all memberships
      • Retrieve a membership
      • Update a membership
      • Delete a membership
    • Membership profiles
      • The membership profile object
      • Create a membership profile
      • List all membership profiles
      • Retrieve a membership profile
      • Update a membership profile
      • Delete a membership profile
    • Organizations
      • The organization object
      • Create an organization
      • List all organizations
      • Retrieve an organization
      • Update an organization
    • Permissions
      • The permission object
      • Create a permission
      • List all permissions
      • Retrieve a permission
      • Update a permission
    • Roles
      • The role object
      • Create a role
      • List all roles
      • Retrieve a role
      • Update a role
    • User
      • The user object
      • Retrieve the user
      • Update the user
    • Versions
      • The version object
      • List all versions
      • Retrieve a version
On this page
  1. API reference

Permissions

The permission object and the allowed CRUD operations on the related resource endpoint

PreviousUpdate an organizationNextThe permission object

Last updated 1 year ago

To allow a seamless collaborative workflow, users can define and assign permissions to each role created. This allows different to have different privileges or different API credentials to be granted different permissions on CRUD operations at the single resource level.

Each permission is role and subject-specific, meaning that to you need to associate it with a role and specify the single resource involved. For that resource you can define the allowed actions by setting the 4 CRUD boolean attributes (which can be changed at any time):

  • can_read

  • can_create

  • can_update

  • can_delete

If you want to create a set of permissions involving different resources, you need to create a permission for each resource, associated with the same role.

When fetching a permission, you can check if additional restrictions have been applied by inspecting the restrictions object.

Existing permissions cannot be deleted using the Provisioning API.

Enterprise
members
create a new permission
integration
custom roles