/
permissions.md
95 lines (76 loc) · 2.63 KB
/
permissions.md
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
---
date: 2017-03-27T12:13:12+01:00
title: Additional Permissions API
menu:
main:
parent: "Tyk Dashboard API"
weight: 5
aliases: /tyk-apis/tyk-dashboard-api/org/permissions
---
{{< note success >}}
**Note**
This API helps you to add and delete (CRUD) a list of additional (custom) permissions for your Dashboard users.
Once created, a custom permission will be added to standard list of user permissions.
<br/>
Only Admin Dashboard users will be authorised to use this API.
{{< /note >}}
### List Additional Permissions
This API returns by default the initial set of additional permissions defined in your Tyk Dashboard configuration, under [security.additional_permissions]({{< ref "tyk-dashboard/configuration#securityadditional_permissions" >}}).
Once you update the permissions via the API, they will be stored at organisation level.
| **Property** | **Description** |
| ------------ | --------------------- |
| Resource URL | `/api/org/permissions`|
| Method | GET |
| Type | None |
| Body | None |
| Param | None |
#### Sample Request
```{.copyWrapper}
GET /api/org/permissions HTTP/1.1
Host: localhost:3000
authorization:7a7b140f-2480-4d5a-4e78-24049e3ba7f8
```
#### Sample Response
```
{
"additional_permissions": {
"api_developer": "API Developer",
"api_manager": "API Manager"
}
}
```
### Add/Delete/Update Additional Permission
{{< note success >}}
**Note**
Whenever you want to add/update/delete an additional permission, just send back the updated list of permissions, through a PUT request to the API.
{{< /note >}}
| **Property** | **Description** |
| ------------ | ------------------------ |
| Resource URL | `/api/org/permission` |
| Method | PUT |
| Type | None |
| Body | Permissions Object |
| Param | None |
#### Sample Request
Let's imagine we have already defined two additional permissions: `api_developer` and `api_manager`. In order to add a new permission to this list, just send
an updated list of permissions by appending the values you want. In this example we will add a `custom_permission` permission.
```{.copyWrapper}
PUT /api/org/permissions HTTP/1.1
Host: localhost:3000
authorization:7a7b140f-2480-4d5a-4e78-24049e3ba7f8
{
"additional_permissions": {
"api_developer": "API Developer",
"api_manager": "API Manager",
"custom_permission": "Custom Permission"
}
}
```
#### Sample Response
```
{
"Status": "OK",
"Message": "Additional Permissions updated in org level",
"Meta": null
}
```