Question about "Make REST API calls with read access" permission

Question

Hi all,&nbsp;This is probably an obvious question, but I'd just like to get a quick confirmation...If I set the "Make REST API calls with read access" to GRANT for a role at the root node of my community, then does that mean ALL contents within the community is readable to that role with no way to DENY at any level? &nbsp; &nbsp;&nbsp;&nbsp;There are read access permissions (such as, "See categories", "Read posts", and "See discussions style boards") at the category/subcategory levels throughout the community, and I'd like to know if an explicit DENY on any of them would impact the read access of my API user. &nbsp;&nbsp;Thanks!

nehasharma · Answer

Hi&nbsp;syagumaIf you set the "Make REST API calls with Read access" to GRANT for a particular role at the root node, then it would be set as GRANT for all the sub nodes by Default. But you change this permission explicitly for a sub-node by&nbsp;changing permissions on that particular node.A better way to this would be to change permissions only on Sub nodes and not on root level until and unless we want to grant Permissions at the Root level.&nbsp;The Read Access permission&nbsp;is used to set read permissions for categories, boards, posts etc and&nbsp;it would not impact the read access to&nbsp;the API user.

syaguma · Answer

Hi&nbsp;nehaSharma,&nbsp;Thanks for the reply! &nbsp;&nbsp;I think I understand, but just to be sure... are you saying that the following are true?Permission settings for a role configured at the root node sets the global defaults for that role throughout the community. [Global defaults can be overridden by explicit Deny, as normal].Granting&nbsp;"Make REST API calls with Read access" and "Make REST API calls with Modify&nbsp;access" for a user&nbsp;essentially&nbsp;ignores all other permissions settings for that node... as long as the actions are performed via API.&nbsp;Thanks again!&nbsp;

syaguma · Answer

Tested #1 and it worked as you described, though I did encounter some odd behavior. If I have time, I'll think through the logic on what I observed.Thanks nehaSharma

Forum Discussion

Question about "Make REST API calls with read access" permission

Related Content

permissions for the user biography based on user roles

API Content and User Permissions

permission api

Permissions for view post with custom_tags

API permission issue

Recent Discussions

Connecting Khoros data to CRM (Salesforce)

API v1 docs gone since Atlas migration to Aurora

Does anyone know how to change the display title of Custom Fields in Aurora?

Can someone walk me through authenticating and using Postman with Aurora?

Seeking Advice on Restricting Access to a posts to those who have the permalink.