Rest API security

The REST API security based on API keys involves authenticating and authorizing users to access specific resources and perform certain actions.

How to use

In order to create (or edit) Rest API security, in the Develop app, click on main menu and select Rest API security. In the page that opens click the Add button or select and existing one and click the Edit button.

Designer

Fields in the sidebar:

  1. Name - The name of the rest api security.
  2. API key hashed - The hashed api key.
  3. Login As (user name) - The user that gets impersonated in the ONE.
  4. Allow Entity GET - If the api call is allowed to use entity get.
  5. Allow Entity POST - If the api call is allowed to use entity post.
  6. Allow Entity DELETE - If the api call is allowed to use entity delete.
  7. Allow Workflow POST - If the api call is allowed to use methods/functions from a workflow.
  8. Allow Fetch POST - If the api call is allowed to use FETCH language to query the db through ONE.
  9. Allow Origin - The allowed origin for the api call.
  10. Allow IP Range - The allowed IP range for the api call.

The following diagram describes the entity used by this designer:

erDiagram
    rest_api_security {
        string name "Name"
        string api_key_hashed "API key hashed"
        string user_name "Login As (user name)"
        integer allow_entity_get "Allow Entity GET"
        integer allow_entity_post "Allow Entity POST"
        integer allow_entity_delete "Allow Entity DELETE"
        integer allow_workflow_post "Allow Workflow POST"
        integer allow_fetch_post "Allow Fetch POST"
        string allow_origin "Allow Origin"
        string allow_ip_range "Allow IP Range"
    }
← Menus
Roles →