Authorisation
Overview
Authorization is the process of granting or denying access to resources and actions within a system based on a user's authenticated identity. Once a user has been authenticated, authorization determines what the user is allowed to do. It involves defining and enforcing rules that specify which users or roles can access specific resources or perform certain actions.
Role
A role is a group of permissions assigned to users. Roles simplify the management of user permissions by grouping related permissions. The table below shows the list of operations.
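Input:

| Field | Data type | Mandatory (Y/N) | Min | Max | Validation |
| --- | --- | --- | --- | --- | --- |
| Name | String | Y | 4 | 128 | Allow alphabet only |
| Code | String | Y | 2 | 16 | Unique check |
| Description | Text Area | N | 2 | 512 | |
| isActive | Boolean | N | NA | NA | True/False |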
Action/Resource
An action is a specific operation that a user, process, or system can perform on a resource. Examples of actions include read, write, delete, update, and execute. A resource is an entity or object that needs to be protected. Resources can be files, databases, API endpoints, services, or any other assets that require controlled access. In DIGIT, resources are generally API endpoints.
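Input:

| Field | Data type | Mandatory (Y/N) | Min | Max | Validation |
| --- | --- | --- | --- | --- | --- |
| uri | String | Y | 1 | 100 | Allow alphabet only |
| accessType | String | Y | 2 | 16 | Enum (OPEN, PROTECTED) |
| description | Text Area | N | 2 | 512 | NA |
| isActive | Boolean | N | NA | NA | True/False |
| tag | array | N | 1 | 64 | Allow alphabet only |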
Role-Action Mapping
Role-action mapping is the association between roles and actions. It defines which actions each role is permitted to perform on specific resources. The mapping is required to provide Role-Based Access Control (RBAC) functionality.
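Input:

| Field | Data type | Mandatory (Y/N) | Min | Max | Validation |
| --- | --- | --- | --- | --- | --- |
| tenantId | String | Y | 1 | 50 | Allow alphabet and dot only |
| roleCode | String | Y | 1 | 20 | Allow alphanumeric only |
| actionId | String | Y | 36 | 36 | uuid |
| isActive | Boolean | N | NA | NA | True/False |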
Define Roles & Permissions
Define the roles and their associated permissions:
Property Admin: Has access to all property-related APIs (property/*).
Property Creator: Has access only to create properties (property/_create).
Property Updater: Has access only to update properties (property/_update).
Property Searcher: Has access only to search properties (property/_search).
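The role-action mapping and the four property roles above can be enforced with a deny-by-default check, sketched here as an added example (not DIGIT's own code). The tenant `pg.citya`, the role codes, the `PROPAUDITOR` role, the `health` OPEN endpoint and the derived action UUIDs are all constructed for illustration.

```python
import uuid
from dataclasses import dataclass

@dataclass(frozen=True)
class Action:
    uri: str
    access_type: str = "PROTECTED"  # OPEN or PROTECTED
    is_active: bool = True

    @property
    def id(self) -> str:
        # Constructed 36-character UUID derived from the uri (assumption)
        return str(uuid.uuid5(uuid.NAMESPACE_URL, self.uri))

    def matches(self, path: str) -> bool:
        if self.uri.endswith("/*"):
            prefix = self.uri[:-1]  # keep the slash: "property/*" must not match "propertyx/..."
            return path.startswith(prefix) and len(path) > len(prefix)
        return path == self.uri

ACTIONS = [Action("property/*"), Action("property/_create"), Action("property/_update"),
           Action("property/_search"), Action("health", access_type="OPEN")]
BY_URI = {a.uri: a for a in ACTIONS}

# Role-action mapping: (tenantId, roleCode, actionId) -> isActive
ROLE_ACTIONS = {
    ("pg.citya", "PROPADMIN", BY_URI["property/*"].id): True,
    ("pg.citya", "PROPCREATOR", BY_URI["property/_create"].id): True,
    ("pg.citya", "PROPUPDATER", BY_URI["property/_update"].id): True,
    ("pg.citya", "PROPSEARCHER", BY_URI["property/_search"].id): True,
    ("pg.citya", "PROPAUDITOR", BY_URI["property/_search"].id): False,  # disabled mapping
}

def is_authorized(tenant_id, role_codes, path):
    """Deny by default; allow only through an active action and an active mapping."""
    # Reject dot-segments so a wildcard grant cannot be stretched to another resource
    if ".." in path.split("/"):
        return False
    for action in ACTIONS:
        if not action.is_active or not action.matches(path):
            continue
        if action.access_type == "OPEN":
            return True  # OPEN resources need no role
        if any(ROLE_ACTIONS.get((tenant_id, r, action.id), False) for r in role_codes):
            return True
    return False
```
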