Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

The Authorization API provides endpoints that allow you to call specific HasAccess() checks against a selected resource. This allows you to view what the people in your environment can do with specific resources, as well as view their current roles and other assignments.

Info

In the examples, be sure to replace {Your_Access_Token} with your token and {Your_API_Key} with the API key for your application.

HasAccessToResource

This endpoint allows you to check whether a person can perform operations against two resources, such as approving a request to add a person to a group.

HTTP Request

Code Block
languagejson
POST https://{FQDN_Of_Your_EmpowerID_Web_Server}/api/services/v1/hasaccess/hasaccesstoresource

Header Key/Value Pairs

Key

Value

X-EmpowerID-API-Key

The API key for your OAuth application

Content-Type

application/json

Authorization

Bearer {Your_Access_Token}

Payload Name/Value Pairs

Name

Value

person

EmpowerID login of the person you are checking

resource1

GUID of the resource targeted by the operation

operation

Display Name of the operation

Code Examples

Code Block
languagejs
$.ajax({
  url: "https://{FQDN_Of_Your_EmpowerID_Web_Server}/api/services/v1/hasaccess/hasaccesstoresource",
  type: "POST",
 
  headers: {
    "X-EmpowerID-API-Key": "{Your_API_Key}",
    "Content-Type": "application/json",
    "Authorization": "Bearer {Your_Access_Token}"   
  },
 
  data: JSON.stringify({
  "person": "jappleseed",
  "resource": "a5a1ce79-69a3-41e0-a434-5670f654123a",
  "operation": "resetpassword"
  })
})

HasAccessToDualResource

This endpoint allows you to check whether a person can perform operations against two resources, such as approving a request to add a person to a group.

HTTP Request

Code Block
languagejson
POST https://{FQDN_Of_Your_EmpowerID_Web_Server}/api/services/v1/hasaccess/hasaccesstodualresource

Header Key/Value Pairs

Key

Value

X-EmpowerID-API-Key

The API key for your OAuth application

Authorization

Bearer {Your_Access_Token}

Content-Type

application/json

Payload Name/Value Pairs

Name

Value

person

EmpowerID login of the person you are checking

resource1

GUID of the first resource targeted by the operation

operation

Display Name of the dual operation

resource2

GUID of the second resource targeted by the operation

Code Examples

Code Block
languagejs
$.ajax({
  url: "https://{FQDN_Of_Your_EmpowerID_Web_Server}/api/services/v1/hasaccess/hasaccesstodualresource",
  type: "POST",
 
 headers: {
    "X-EmpowerID-API-Key": "{Your_API_Key}",
    "Content-Type": "application/json",
    "Authorization": "Bearer {Your_Access_Token}"   
  },
 
  data: JSON.stringify({
  "person": "jappleseed",
  "resource1": "a5a1ce79-69a3-41e0-a434-5670f654123a",
  "operation": "Approve Group Membership",
  "resource2": "0c80065b-48a1-40d9-abd9-3f7907fe3d28"
  })
})

HasRoleForResource

This endpoint allows you to check whether a person has a specific Access Level for a set of given resources.

HTTP Request

Code Block
languagejson
POST https://{FQDN_Of_Your_EmpowerID_Web_Server}/api/services/v1/hasaccess/hasroleforresource

Header Key/Value Pairs

Key

Value

X-EmpowerID-API-Key

The API key for your OAuth application

Authorization

Bearer {Your_Access_Token}

Content-Type

application/json

Payload Name/Value Pairs

Name

Value

person

EmpowerID login of the person you are checking

role

Display Name of the Access Level

resource

GUID of the resource

Code Examples

Code Block
languagejs
$.ajax({
  url: "https://{FQDN_Of_Your_EmpowerID_Web_Server}/api/services/v1/hasaccess/hasroleforresource",
  type: "POST",
 
 headers: {
    "X-EmpowerID-API-Key": "{Your_API_Key}",
    "Content-Type": "application/json",
    "Authorization": "Bearer {Your_Access_Token}"   
  },
 
  data: JSON.stringify({
  "person": "jappleseed",
  "role": "Access Manager",
  "resource": "fb5d20a8-334f-4575-8b36-2058943dd195"
  })
})

HasAccessToWorkflow

This endpoint allows you to check whether a person can initiate a specific workflow.

HTTP Request

Code Block
POST https://{FQDN_Of_Your_EmpowerID_Web_Server}/api/services/v1/hasaccess/hasaccesstoworkflow

Header Key/Value Pairs

Key

Value

X-EmpowerID-API-Key

The API key for your OAuth application

Authorization

Bearer {Your_Access_Token}

Content-Type

application/json

Payload Name/Value Pairs

Name

Value

person

EmpowerID login of the person you are checking

resource

Display Name of the workflow

Code Examples

Code Block
languagejs
$.ajax({
  url: "https://{FQDN_Of_Your_EmpowerID_Web_Server}/api/services/v1/hasaccess/hasaccesstoworkflow",
  type: "POST",
 
 headers: {
    "X-EmpowerID-API-Key": "{Your_API_Key}",
    "Content-Type": "application/json",
    "Authorization": "Bearer {Your_Access_Token}"   
  },
 
  data: JSON.stringify({
  "person": "jappleseed",
  "workflow": "Laptop Asset Provision"
  })
})

HasAccessToWorkflows

This endpoint allows you to check whether a person can initiate both of the specified workflows.

HTTP Request

Code Block
POST https://{FQDN_Of_Your_EmpowerID_Web_Server}/api/services/v1/hasaccess/hasaccesstoworkflows

Header Key/Value Pairs

Key

Value

X-EmpowerID-API-Key

The API key for your OAuth application

Authorization

Bearer {Your_Access_Token}

Content-Type

application/json

Payload Name/Value Pairs

Name

Value

person

EmpowerID login of the person you are checking

workflows

Comma separated Display Name of each workflow

Code Examples

Code Block
languagejs
$.ajax({
  url: "https://{FQDN_Of_Your_EmpowerID_Web_Server}/api/services/v1/hasaccess/hasaccesstoworkflows",
  type: "POST",
 
 headers: {
    "X-EmpowerID-API-Key": "{Your_API_Key}",
    "Content-Type": "application/json",
    "Authorization": "Bearer {Your_Access_Token}"   
  },
 
  data: JSON.stringify({
  "person": "jappleseed",
  "resource": "Laptop Asset Provision"
  })
})


HasAccessToPage

This endpoint allows you to check whether a person can view the specified page in the EmpowerID Web interface.

HTTP Request

Code Block
languagejson
POST https://{FQDN_Of_Your_EmpowerID_Web_Server}/api/services/v1/hasaccess/hasaccesstopage

Header Key/Value Pairs

Key

Value

X-EmpowerID-API-Key

The API key for your OAuth application

Authorization

Bearer {Your_Access_Token}

Content-Type

application/json

Payload Name/Value Pairs

Name

Value

person

EmpowerID login of the person you are checking

page

GUID of the page

Code Examples

Code Block
languagejs
$.ajax({
  url: "https://{FQDN_Of_Your_EmpowerID_Web_Server}/api/services/v1/hasaccess/hasaccesstopage",
  type: "POST",
 
 headers: {
    "X-EmpowerID-API-Key": "{Your_API_Key}",
    "Content-Type": "application/json",
    "Authorization": "Bearer {Your_Access_Token}"   
  },
 
  data: JSON.stringify({
  "person": "jappleseed",
  "page": "e780eb21-7908-4741-9e9a-61747732147c"
  })
})


HasAccessToPages

This endpoint allows you to check whether a person can view the specified pages in the EmpowerID Web interface.

HTTP Request

Code Block
languagejson
POST https://{FQDN_Of_Your_EmpowerID_Web_Server}/api/services/v1/hasaccess/hasaccesstopages

Header Key/Value Pairs

Key

Value

X-EmpowerID-API-Key

The API key for your OAuth application

Authorization

Bearer {Your_Access_Token}

Content-Type

application/json

Payload Name/Value Pairs

Name

Value

person

EmpowerID login of the person you are checking

pages

Protected Application Resource GUID of the pages; Comma separated

Code Examples

Code Block
languagejs
$.ajax({
  url: "https://{FQDN_Of_Your_EmpowerID_Web_Server}/api/services/v1/hasaccess/hasaccesstopages",
  type: "POST",
 
 headers: {
    "X-EmpowerID-API-Key": "{Your_API_Key}",
    "Content-Type": "application/json",
    "Authorization": "Bearer {Your_Access_Token}"   
  },
 
  data: JSON.stringify({
  "person": "jappleseed",
  "pages": "63f64ec8-b3a2-4085-8337-77385284b8a6, 10ad7ef4-7207-46f0-ae70-103bf3cf0110"
  })
})


GetAllowedResources

This endpoint returns a list of resources the specified user can see.

HTTP Request

Code Block
languagejson
POST https://{FQDN_Of_Your_EmpowerID_Web_Server}/api/services/v1/hasaccess/getallowedcontrols

Header Key/Value Pairs

Key

Value

X-EmpowerID-API-Key

The API key for your OAuth application

Authorization

Bearer {Your_Access_Token}

Content-Type

application/json

Payload Name/Value Pairs

Name

Value

person

EmpowerID login of the person you are checking

pages

GUID of the parent application

Code Examples

Code Block
languagejs
$.ajax({
  url: "https://{FQDN_Of_Your_EmpowerID_Web_Server}/api/services/v1/hasaccess/getallowedcontrols",
  type: "POST",
 
 headers: {
    "X-EmpowerID-API-Key": "{Your_API_Key}",
    "Content-Type": "application/json",
    "Authorization": "Bearer {Your_Access_Token}"   
  },
 
  data: JSON.stringify({
  "person": "jappleseed",
  "application": "e4e51851-5450-4b6e-ae31-bf1f9eeef5c6"
  })
})

Results

Returns a JSON object containing the GUID of all controls for a specified parent application that the person can see.

Code Block
languagejson
{
  "Results": [
    "dcb1e15f-ee06-4265-9924-4d53b2a648b8",
    "7187b855-cd13-402e-91cf-d4c3905fd688",
    "95cb3b83-3ad2-46dc-878a-0edc75543888",
    "66964466-6fb0-474d-92ad-86a203f6634a",
    "84a699e8-f91e-48d2-8e50-733d079d2c6c",
    "282273f3-e702-4487-905c-383b3552fa9e",
    "5a815ac6-49aa-4442-8a04-d841449ba395",
    "b61a685f-4afd-4db9-a778-5ede9e6c98ff",
    "f82358ae-714f-4539-ab09-39803ffce4bf",
    "6cb51176-582b-49a5-93bf-a7f303b4121c",
    "6e7f678f-d0a9-41a4-8e0c-79a25c7ba3b1",
    "e594e7b7-d7ca-423f-8b3b-163d3081392e"
  ]
}

HasManagementRoles

This endpoint allows you to check whether a person has all of the specified Management Roles.

HTTP Request

Code Block
languagejson
POST https://{FQDN_Of_Your_EmpowerID_Web_Server}/api/services/v1/hasaccess/hasmanagementroles

Header Key/Value Pairs

Key

Value

X-EmpowerID-API-Key

The API key for your OAuth application

Authorization

Bearer {Your_Access_Token}

Content-Type

application/json

Payload Name/Value Pairs

Name

Value

person

PersonID of the person you are checking

managementRoles

GUID of each Management Role; Comma separated

Code Examples

Code Block
languagejs
$.ajax({
  url: "https://{FQDN_Of_Your_EmpowerID_Web_Server}/api/services/v1/hasaccess/hasmanagementroles",
  type: "POST",
 
 headers: {
    "X-EmpowerID-API-Key": "{Your_API_Key}",
    "Content-Type": "application/json",
    "Authorization": "Bearer {Your_Access_Token}"   
  },
 
  data: JSON.stringify({
  "person": "24754",
  "managementRoles": "fff8153f-982e-4504-b687-2bbd1f8b7c42,fb5d20a8-334f-4575-8b36-2058943dd195"
  })
})

Results

Returns a Boolean. If true, the person has the specified Management Roles; if false, the person does not have one or more of the roles.

IsInManagementRole

This endpoint allows you to check whether a person has the specified Management Role.

HTTP Request

Code Block
languagejson
POST https://{FQDN_Of_Your_EmpowerID_Web_Server}/api/services/v1/hasaccess/isinmanagementrole

Header Key/Value Pairs

Key

Value

X-EmpowerID-API-Key

The API key for your OAuth application

Authorization

Bearer {Your_Access_Token}

Content-Type

application/json

Payload Name/Value Pairs

Name

Value

person

PersonID of the person you are checking

managementRole

GUID of the Management Role

Code Examples

Code Block
languagejs
$.ajax({
  url: "https://{FQDN_Of_Your_EmpowerID_Web_Server}/api/services/v1/hasaccess/isinmanagementrole",
  type: "POST",
 
 headers: {
    "X-EmpowerID-API-Key": "{Your_API_Key}",
    "Content-Type": "application/json",
    "Authorization": "Bearer {Your_Access_Token}"   
  },
 
  data: JSON.stringify({
  "person": "24754",
  "managementRole": "fff8153f-982e-4504-b687-2bbd1f8b7c42"
  })
})

Results

Returns a Boolean. If true, the person has the specified Management Role; if false, the person does not.

IsInGroup

This endpoint allows you to check whether a person belongs to a specific group.

HTTP Request

Code Block
POST https://{FQDN_Of_Your_EmpowerID_Web_Server}/api/services/v1/hasaccess/isingroup

Header Key/Value Pairs

Key

Value

X-EmpowerID-API-Key

The API key for your OAuth application

Authorization

Bearer {Your_Access_Token}

Content-Type

application/json

Payload Name/Value Pairs

Name

Value

person

PersonID of the person you are checking

group

GUID of the Group

Code Examples

Code Block
languagejs
$.ajax({
  url: "https://{FQDN_Of_Your_EmpowerID_Web_Server}/api/services/v1/hasaccess/isingroup",
  type: "POST",
 
 headers: {
    "X-EmpowerID-API-Key": "{Your_API_Key}",
    "Content-Type": "application/json",
    "Authorization": "Bearer {Your_Access_Token}"   
  },
 
  data: JSON.stringify({
  "person": "24754",
  "group": "6c19c0f1-0a0a-4f1a-a526-2b8408aaf5be"
  })
})

Results

Returns a Boolean. If true, the person is in the group; if false, the person is not.

HasGroups

This endpoint allows you to check whether a person belongs to each of the specified groups.

HTTP Request

Code Block
languagejson
POST https://{FQDN_Of_Your_EmpowerID_Web_Server}/api/services/v1/hasaccess/hasgroups

Header Key/Value Pairs

Key

Value

X-EmpowerID-API-Key

The API key for your OAuth application

Authorization

Bearer {Your_Access_Token}

Content-Type

application/json

Payload Name/Value Pairs

Name

Value

person

PersonID of the person you are checking

groups

GUID of each Group; Comma separated

Code Examples

Code Block
languagejs
$.ajax({
  url: "https://{FQDN_Of_Your_EmpowerID_Web_Server}/api/services/v1/hasaccess/hasgroups",
  type: "POST",
 
 headers: {
    "X-EmpowerID-API-Key": "{Your_API_Key}",
    "Content-Type": "application/json",
    "Authorization": "Bearer {Your_Access_Token}"   
  },
 
  data: JSON.stringify({
  "person": "24754",
  "groups": "6c19c0f1-0a0a-4f1a-a526-2b8408aaf5be, 1089e2ef-67dc-484d-9b4b-c702822ffc0a"
  })
})

Results

Returns a Boolean. If true, the person belongs to all of the specified groups; if false, the person is not a member of one or more of the groups.

IsInBusinessRole

This endpoint allows you to check whether a person has a specific Business Role.

HTTP Request

Code Block
POST https://{FQDN_Of_Your_EmpowerID_Web_Server}/api/services/v1/hasaccess/isinbusinessrole

Header Key/Value Pairs

Key

Value

X-EmpowerID-API-Key

The API key for your OAuth application

Authorization

Bearer {Your_Access_Token}

Content-Type

application/json

Payload Name/Value Pairs

Name

Value

person

PersonID of the person you are checking

businessRole

ResourceID of the Business Role

Code Examples

Code Block
languagejs
$.ajax({
  url: "https://{FQDN_Of_Your_EmpowerID_Web_Server}/api/services/v1/hasaccess/isinbusinessrole",
  type: "POST",
 
 headers: {
    "X-EmpowerID-API-Key": "{Your_API_Key}",
    "Content-Type": "application/json",
    "Authorization": "Bearer {Your_Access_Token}"   
  },
 
  data: JSON.stringify({
  "person": "24754",
  "businessRole": "2994477"
  })
})

Results

Returns a Boolean. If true, the person has the specified Business Role; if false, the person does not.

HasBusinessRoles

This endpoint allows you to check whether a person belongs to each of the specified Business Roles.

HTTP Request

Code Block
POST https://{FQDN_Of_Your_EmpowerID_Web_Server}/api/services/v1/hasaccess/hasbusinessroles

Header Key/Value Pairs

Key

Value

X-EmpowerID-API-Key

The API key for your OAuth application

Authorization

Bearer {Your_Access_Token}

Content-Type

application/json

Payload Name/Value Pairs

Name

Value

person

PersonID of the person you are checking

businessRoles

ResourceID of each Business Role; Comma separated

Code Examples

Code Block
$.ajax({
  url: "https://{FQDN_Of_Your_EmpowerID_Web_Server}/api/services/v1/hasaccess/hasbusinessroles",
  type: "POST",
 
 headers: {
    "X-EmpowerID-API-Key": "{Your_API_Key}",
    "Content-Type": "application/json",
    "Authorization": "Bearer {Your_Access_Token}"   
  },
 
  data: JSON.stringify({
  "person": "24754",
  "businessRoles": "2994477, 2994478, 3146825"
  })
})


Results

Returns a Boolean. If true, the person all of the specified Business Role; if false, the person does not belong to one or more of the roles.

IsInBusinessRoleAndLocation

This endpoint allows you to check whether a person belongs to a specified Business Role and Location combination.

HTTP Request

Code Block
languagejson
POST https://{FQDN_Of_Your_EmpowerID_Web_Server}/api/services/v1/hasaccess/isinbusinessroleandlocation

Header Key/Value Pairs

Key

Value

X-EmpowerID-API-Key

The API key for your OAuth application

Authorization

Bearer {Your_Access_Token}

Content-Type

application/json

Payload Name/Value Pairs

Name

Value

person

PersonID of the person you are checking

businessRoleAndLocation

ResourceID of each Business Role; Comma separated

Code Examples

Code Block
languagejs
$.ajax({
  url: "https://{FQDN_Of_Your_EmpowerID_Web_Server}/api/services/v1/hasaccess/isinbusinessroleandlocation",
  type: "POST",
 
 headers: {
    "X-EmpowerID-API-Key": "{Your_API_Key}",
    "Content-Type": "application/json",
    "Authorization": "Bearer {Your_Access_Token}"   
  },
 
  data: JSON.stringify({
  "person": "24754",
  "businessRoleAndLocation": "3348"
  })
})

Results

Returns a Boolean. If true, the person to the specified Business Role; if false, the person does not.

Insert excerpt
IL:External Stylesheet
IL:External Stylesheet
nopaneltrue

Div
stylefloat:left; position:fixed;
idarticleNav

IN THIS ARTICLE

Table of Contents
maxLevel24
minLevel2
stylenone
printablefalse