p44 edited this page Nov 12, 2014 · 1 revision

This page describes how the APIs are secured and how authorization to the API resources works.

The APIs are accessed using application-to-application authentication and authorization. For most services, authorization works by validating a bearer token and then checking the consumer's role. Bearer tokens are explained in API Authentication.

Authorization Roles

Grant Victor provides the following roles for access to the APIs:

  • User
  • Super
  • Admin

User

This is the default role and the one used by nearly every consumer of the APIs.

This role allows access to one's own data as defined by the App. Each consumer has an application id.

The app id is verified upon request to ensure that only the consumer's application data is visible and modifiable by the appropriate caller.

Super and Admin

Super and Admin are Grant Victor internal roles for managing the data using the services.
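The check order described on this page (bearer token, then role, then app id), written out as an added example; it is not Grant Victor's code. The token table, app ids, status codes, and the `internal_only` flag are constructed for illustration, and treating Super and Admin as not bound to a single app id is an assumption.

```python
import hmac
from dataclasses import dataclass

USER, SUPER, ADMIN = "User", "Super", "Admin"
INTERNAL_ROLES = {SUPER, ADMIN}  # assumption: internal roles are not tied to one app id

@dataclass(frozen=True)
class Consumer:
    app_id: str
    role: str

# Constructed token table standing in for real bearer token validation.
TOKENS = {
    "token-app-a": Consumer("app-a", USER),
    "token-app-b": Consumer("app-b", USER),
    "token-internal": Consumer("grant-victor-internal", ADMIN),
}

def authenticate(header):
    """Map an 'Authorization: Bearer <token>' value to a Consumer, or None."""
    scheme, _, token = (header or "").partition(" ")
    if scheme.lower() != "bearer" or not token.strip():
        return None
    presented = token.strip().encode()
    match = None
    for known, consumer in TOKENS.items():
        # Constant-time comparison; scan every entry so timing does not depend on position.
        if hmac.compare_digest(known.encode(), presented):
            match = consumer
    return match

def authorize(header, resource_app_id, internal_only=False):
    """Return the HTTP status the API would answer with: 200, 401 or 403."""
    consumer = authenticate(header)
    if consumer is None:
        return 401  # no valid bearer token
    if internal_only and consumer.role not in INTERNAL_ROLES:
        return 403  # management endpoint, caller holds only the User role
    if consumer.role == USER and consumer.app_id != resource_app_id:
        return 403  # valid token, but the data belongs to another application
    return 200
```

The app id comparison uses the id bound to the token, never an id supplied in the request, so a User-role consumer cannot reach another application's data by changing a path or query parameter.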
