Service Authorizations
Last modified 22 Apr 2021 17:31 +02:00

REST Service Authorizations

ID Action Allowed access to page

1

http://midpoint.evolveum.com/xml/ns/public/security/authorization-rest-3#all

All operations

Web Service (SOAP) Authorizations

ID Action Allowed access to page

1

http://midpoint.evolveum.com/xml/ns/public/security/authorization-ws-3#all

All operations

2

http://midpoint.evolveum.com/xml/ns/public/security/authorization-ws-3#getObject

getObject operation

3

http://midpoint.evolveum.com/xml/ns/public/security/authorization-ws-3#searchObjects

searchObjects operation

4

http://midpoint.evolveum.com/xml/ns/public/security/authorization-ws-3#executeChanges

executeChanges operation

5

http://midpoint.evolveum.com/xml/ns/public/security/authorization-ws-3#findShadowOwner

findShadowOwner operation

6

http://midpoint.evolveum.com/xml/ns/public/security/authorization-ws-3#testResource

testResource operation

7

http://midpoint.evolveum.com/xml/ns/public/security/authorization-ws-3#importFromResource

importFromResource operation

8

http://midpoint.evolveum.com/xml/ns/public/security/authorization-ws-3#notifyChange

notifyChange operation

9

http://midpoint.evolveum.com/xml/ns/public/security/authorization-ws-3#executeScripts

executeScripts operation

Service Authorizations and Object Authorizations

WS or REST authorizations are necessary, but not sufficient condition to allow access to data in midPoint. These authorizations are just the "first line" of defense. The user needs to have these authorizations to invoke the service operation. But this authorization does not give access to any data. For practical use-cases the user must also have ordinary (object) authorizations such as read, add, modify or delete to access any midPoint data. Without these authorizations the WS/REST authorizations are almost useless.

See Also

Was this page helpful?
YES NO
Thanks for your feedback