You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Authorization is a major concern and therefore I would also like to see a chapter which describes how access to a hydra-driven API can can restricted.
I think the obvious strategy is to "render" hydra-core documents with only the operations which are allowed for by the requesting client. This may sound natural but I think it is essential information for someone exploring the matters.
The text was updated successfully, but these errors were encountered:
PROPOSAL: Mention that links can be shown/hidden based on the current user's permissions and add an example to the specification to illustrate it. Other than that, authorization is out of scope for the Hydra Core vocabulary but it would make a lot of sense to create a separate vocabulary for this.
_Raised by Thomas Hoppe:_
Authorization is a major concern and therefore I would also like to see a chapter which describes how access to a hydra-driven API can can restricted.
I think the obvious strategy is to "render" hydra-core documents with only the operations which are allowed for by the requesting client. This may sound natural but I think it is essential information for someone exploring the matters.
The text was updated successfully, but these errors were encountered: