inventree/inventree-docs
2
0
Fork 0
mirror of https://github.com/inventree/inventree-docs.git synced 2025-10-31 04:45:38 +00:00
Code Activity

Add docs for API roles

Browse Source
This commit is contained in:
Oliver Walters
2021-02-27 08:53:07 +11:00
parent 2c5bd7ed80
commit 48d6acba97
4 changed files with 28 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
docs/extend/api.md
View File

@@ -75,4 +75,30 @@ headers = {
'AUTHORIZATION': f'Token {token}'
}
response = request.get('http://localhost:8080/api/part/', data=data, headers=headers)
```
```
## Authorization
### User Roles
Users can only perform REST API actions which align with their assigned [role permissions](../../admin/permissions/#roles).
Once a user has *authenticated* via the API, a list of the available roles can be retrieved from:
`/api/user/roles/`
For example, when accessing the API from a *superuser* account:
{% with id="api_roles", url="api/api_roles.png", description="API superuser roles" %}
{% include 'img.html' %}
{% endwith %}
Or, when accessing the API from an account which has read-only permissions:
{% with id="api_roles_2", url="api/api_roles_2.png", description="API user roles" %}
{% include 'img.html' %}
{% endwith %}
### Permission Denied
If an API action outside of the user's role(s) is attempted, the server will respond with a 403 permission error message.