Skip to end of metadata
Go to start of metadata

Web Service (SOAP) Authorizations

 

REST Service Authorizations

ID
Action
Allowed access to page
1http://midpoint.evolveum.com/xml/ns/public/security/authorization-rest-3#allAll operations

Service Authorizations and Object Authorizations

WS or REST authorizations are necessary, but not sufficient condition to allow access to data in midPoint. These authorizations are just the "first line" of defense. The user needs to have these authorizations to invoke the service operation. But this authorization does not give access to any data. For practical use-cases the user must also have ordinary (object) authorizations such as read, add, modify or delete to access any midPoint data. Without these authorizations the WS/REST authorizations are almost useless.

See Also

  • No labels