Access Authorization and Permissions
| Page Properties |
|---|
|
| Product Version |
|
|---|
| Report Note |
|
|---|
| Assignee |
|
|---|
Resources & Remarks Modification History | Name | Date | Product Version | Action |
|---|
| Antje | 08 FEB 2021 | 2.4 | New page properties macro. | | Antje | 23 FEB 2021 | 2020 Winter | Replace content. |
|
...
| Excerpt |
|---|
A yuuvis® Momentum user might be not authorized to use the full functionality of the system. Permissions can be set for users to allow or prohibit actions on objects of various types or the usage of specific endpoints. |
| Section |
|---|
|
| Column |
|---|
Table of Contents| Table of Contents |
|---|
| exclude | (Table of Contents|Read on|Assigning Roles to Users|Permissions via Roles|Access Authorization for Endpoints|Another interesting Tutorial|Ressources|Remarks) |
|---|
|
|
|
Permission System via Roles
The Core API protects documents against access by unauthorized persons through a permission system. Each user has one or more roles in this system, giving them access to various documents for specified actions. The user-role-mapping is managed separately.
>> Permissions via Roles
User-Role-Mapping
The user-role-mapping manages the assignment of roles to users. In yuuvis® Momentum, this mapping is managed separately from the authentication process itself and can be configured according to the customers' needs. Per default, the ORGANIZATION service is used, which can either read the information from a configuration file ("trusted") or request the information from the identity provider Keycloak.
>> Assigning Roles to Users
Define Permissions for Endpoints
The yuuvis® authentication service decides for each API request of any user if the access is granted or not. In its configuration, the access conditions can be defined individually for each API endpoint. Thus, permissions in yuuvis® Momentum can be set not only for types of actions and the usage of specific object types, but also directly for API endpoints. It is even possible to allow the usage of an API endpoint for callers without authentication.
>> Access Authorization for Endpoints
| Info |
|---|
|
Read on
| Section |
|---|
| Column |
|---|
| | Insert excerpt |
|---|
| Permissions via Roles |
|---|
| Permissions via Roles |
|---|
| nopanel | true |
|---|
|
Keep reading
|
| Column |
|---|
| | Insert excerpt |
|---|
| Assigning Roles to Users |
|---|
| Assigning Roles to Users |
|---|
| nopanel | true |
|---|
|
Keep reading
|
| Column |
|---|
| | Insert excerpt |
|---|
| Access Authorization for Endpoints |
|---|
| Access Authorization for Endpoints |
|---|
| nopanel | true |
|---|
|
Keep reading
|
|
|
...