Access Profiles#
A logged in user is associated with an Access Profile that specifies access permissions to operations and models.
A user’s Access Profile may not apply to models that are included or referenced in for example GUI Rules, Wizards or models that provide choices.
For example, when API calls are made to models that contain choices, such as:
GET api/data/DataSync/add/?schema_rules=&schema=&format=json
then any model GET calls that are carried out to provide the list
of choices are shown with a generated auth_token
that is required
to provide access to these GET calls. This can be seen in the
returned schema, for example, for the target
call to show the
choices available for sync_order
in data/DataSync
([hierarchy]
is substituted with the GET caller hierarchy ID.):
sync_order: {
target: "/api/data/ModelTypeList/choices/?hierarchy=[hierarchy]&
field=name&format=json&
auth_token=[auth_token]"
title: "Synchronization Order"
description: "The selected 'ordered' model type list that was created
as a model instance of the Model Type List. This list dictates the
order in which models will be synchronized. See: Model Type List."
format: "uri"
choices: [ ]
target_attr: "name"
target_model_type: "data/ModelTypeList"
type: "string"
This auth_token
parameter is required to provide authorization to access the
data/ModelTypeList
, which may not be available in a user’s Access Profile.
In the VOSS Automate portal, the auth_token
is extracted from the target
in the schema snippet above
and instead of a parameter, sent as an Authorization
header.