Authorization API Reference
API reference for the Authorization module.
Roles
List Roles
GET /authorization/roles
Authorization: Bearer {adminToken}
Create Role
POST /authorization/roles
Authorization: Bearer {adminToken}
Request Body:
{
  "name": "editor",
  "permissions": ["posts:read", "posts:update"]
}
Update Role
PUT /authorization/roles/{roleId}
Authorization: Bearer {adminToken}
Delete Role
DELETE /authorization/roles/{roleId}
Authorization: Bearer {adminToken}
Rules
List Rules
GET /authorization/rules
Authorization: Bearer {adminToken}
Create Rule
POST /authorization/rules
Authorization: Bearer {adminToken}
Request Body:
{
  "resource": "Posts",
  "action": "read",
  "role": "user",
  "conditions": {}
}
Update Rule
PUT /authorization/rules/{ruleId}
Authorization: Bearer {adminToken}
Delete Rule
DELETE /authorization/rules/{ruleId}
Authorization: Bearer {adminToken}
User Role Management
Assign Role to User
POST /authorization/users/{userId}/roles
Authorization: Bearer {adminToken}
Request Body:
{
  "role": "editor"
}
Remove Role from User
DELETE /authorization/users/{userId}/roles/{roleId}
Authorization: Bearer {adminToken}
Get User Roles
GET /authorization/users/{userId}/roles
Authorization: Bearer {adminToken}
Authorization Check
Check Permission
POST /authorization/check
Authorization: Bearer {userToken}
Request Body:
{
  "resource": "Posts",
  "action": "update",
  "resourceId": "post-123"
}
Response:
{
  "allowed": true
}
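
A caller of the Check Permission endpoint above should treat anything other than an explicit `"allowed": true` as a denial. The following client is an added example, not part of the original reference or the module's own code. Assumptions: `BASE_URL` is a placeholder, a successful check returns HTTP 200, and the names `http_post` and `is_allowed` are hypothetical.

```python
import json
import urllib.error
import urllib.request

BASE_URL = "https://api.example.test"  # assumption: placeholder, not from the reference


def http_post(url, token, payload, timeout=5):
    """Default transport: POST JSON with a bearer token, return (status, body_text)."""
    req = urllib.request.Request(
        url,
        data=json.dumps(payload).encode(),
        headers={
            "Authorization": f"Bearer {token}",
            "Content-Type": "application/json",
        },
        method="POST",
    )
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return resp.status, resp.read().decode()
    except urllib.error.HTTPError as exc:
        return exc.code, ""  # 4xx/5xx: report the status, discard the body


def is_allowed(user_token, resource, action, resource_id, transport=http_post):
    """Return True only for HTTP 200 (assumed) with a JSON body where allowed is true."""
    payload = {"resource": resource, "action": action, "resourceId": resource_id}
    try:
        status, body = transport(f"{BASE_URL}/authorization/check", user_token, payload)
        if status != 200:
            return False
        decision = json.loads(body)
    except (OSError, ValueError):
        return False  # network failure, timeout, or malformed JSON: deny
    # Identity check: the string "true" or the number 1 must not grant access.
    return isinstance(decision, dict) and decision.get("allowed") is True
```

The `transport` parameter exists so the deny paths can be exercised without a live server.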