API Permissions

Permission Description

Since Identity Management APIs are authorized at the application level, you need to set the corresponding API permissions for the application before calling APIs from various modules. The built-in API permissions in the IDaaS platform and their descriptions are as follows.

Permission Code	Description
all	Read and write permissions for all interfaces
read	Permissions for all read interfaces
account_read	Read permissions for account management interfaces
account_all	Read and write permissions for account management interfaces
app_org_read	Read permissions for application organization management interfaces
app_org_all	Read and write permissions for application organization management interfaces
org_read	Read permissions for organization management interfaces
org_all	Read and write permissions for organization management interfaces
user_read	Read permissions for user management interfaces
user_all	Read and write permissions for user management interfaces
job_title_read	Read permissions for job title management interfaces
job_title_all	Read and write permissions for job title management interfaces
job_position_read	Read permissions for job position management interfaces
job_position_all	Read and write permissions for job position management interfaces
app_role_read	Read-only permissions for application-side roles
app_role_all	Read and write permissions for application-side roles

Authorization Operation

1. Log in to the IDaaS Enterprise Center platform, select "Resources > Enterprise APIs" in the top navigation bar, go to the built-in APIs, switch to the "Application Authorization" tab, and authorize the created application.

2. Select "Resources > Applications" in the top navigation bar, click to enter the created application, switch to the "API Permissions" tab, and add built-in API permissions to the application according to the actual project needs.