This repository has been archived by the owner on Apr 27, 2021. It is now read-only.
User
michael.vidal edited this page Jun 19, 2017
·
2 revisions
The User resource allows client applications to retrieve a list of permissions for a user.
By default the GET method will return all the permissions based on the grain/topLevelSecurableItem combination related to the client id of the relying party application. This can be overridden by passing in the optional grain and securableItem query string parameters. Note that a relying party application cannot request a grain/securableItem that it doesn't own.
GET /user/permissions
| Name | Location | Type | Description |
|---|---|---|---|
| grain | query | string | The top level grain to return permissions for |
| securableItem | query | string | the specific securableItem within the grain to return permissions for |
This request requires authorization with the following scopes:
fabric/authorization.read
Do not supply a request body with this method
{
"permissions": [
string
],
"requestedGrain": string,
"requestedSecurableItem": string
}
A Forbidden response will be returned in the following cases:
- If the requested grain/securableItem does not match the clientid presented
- If the access token can not be validated (i.e. is forged or doesn't have the correct scope)