Access Profiles

A logged in user is associated with an Access Profile that specifies access permissions to operations and models.

A user’s Access Profile may not apply to models that are included or referenced in for example GUI Rules, Wizards or models that provide choices.

For example, when API calls are made to models that contain choices, such as:

GET api/data/DataSync/add/?schema_rules=&schema=&format=json

then any model GET calls that are carried out to provide the list of choices are shown with a generated auth_token that is required to provide access to these GET calls. This can be seen in the returned schema, for example, for the target call to show the choices available for sync_order in data/DataSync ([hierarchy] is substituted with the GET caller hierarchy ID.):

sync_order: {
target: "/api/data/ModelTypeList/choices/?hierarchy=[hierarchy]&
 field=name&format=json&
 auth_token=[auth_token]"
title: "Synchronization Order"
description: "The selected 'ordered' model type list that was created
as a model instance of the Model Type List. This list dictates the
order in which models will be synchronized. See: Model Type List."
format: "uri"
choices: [ ]
target_attr: "name"
target_model_type: "data/ModelTypeList"
type: "string"

This auth_token parameter is required to provide authorization to access the data/ModelTypeList, which may not be available in a user’s Access Profile.