Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 25 Next »

Access Authorization and Permissions

A yuuvis® Momentum user might be not authorized to use the full functionality of the system. Permissions can be set for users to allow or prohibit actions on objects of various types or the usage of specific endpoints.

Table of Contents

Permission System via Roles

The Core API protects documents against access by unauthorized persons through a permission system. Each user has one or more roles in this system, giving them access to various documents for specified actions. The user-role-mapping is managed separately.

>> Permissions via Roles

User-Role-Mapping

The user-role-mapping manages the assignment of roles to users. In yuuvis® Momentum, this mapping is managed separately from the authentication process itself and can be configured according to the customers' needs. Per default, the ORGANIZATION service is used, which can either read the information from a configuration file ("trusted") or request the information from the identity provider Keycloak.

>> Assigning Roles to Users

Define Permissions for Endpoints

The yuuvis® authentication service decides for each API request of any user if the access is granted or not. In its configuration, the access conditions can be defined individually for each API endpoint. Thus, permissions in yuuvis® Momentum can be set not only for types of actions and the usage of specific object types, but also directly for API endpoints. It is even possible to allow the usage of an API endpoint for callers without authentication.

>> Access Authorization for Endpoints

Read on

Permissions via Roles

Error rendering macro 'excerpt-include' : No link could be created for 'Permissions via Roles'.
 Keep reading

Assigning Roles to Users

Error rendering macro 'excerpt-include' : No link could be created for 'Assigning Roles to Users'.
 Keep reading

Access Authorization for Endpoints

Error rendering macro 'excerpt-include' : No link could be created for 'Access Authorization for Endpoints'.
 Keep reading

  • No labels