The Permit/Deny API call is a Yes/No Authorization question. It returns an Access Decision in response to the specific question detailed in the API Request. It can also optionally return additional information.
Refer to the Working with the V5 Endpoint for API Access article for more information.
Notice
When accessing the Authorization APIs, the URL base/prefix, according to your PlainID PDP Location
For more information on which Asset Types to use with your PAA or Cloud PDP, refer to Managing Asset Types.
Important note about headers
Refer to the headers below to modify your cURL sample. Check whether the following headers are in the sample; if not, add them to your cURL sample before pasting it into your API tool.
Headers
*Required

Header | Value | cURL Line |
---|---|---|
content-type | `application/json` | `-H 'Content-Type: application/json'` |
Client ID of the Scope
The `clientId` is required; ensure that it is defined either in the header as `X-Client-Id` or in the body as `clientId` under the `runtimeFinetune` parameter. Refer to Setting up an Authentication Method for more information.
Client Secret ID of the Scope.
You can also authenticate with an Authorization Token (in your API tool). Note that the `X-Client-Id` is still required, whether in the header or the body as `clientSecret` under the `runtimeFinetune` parameter. Refer to Setting up an Authentication Method for more information.
```json
{
  "method": "GET",
  "headers": {
    "x-request-id": "8CDAC3e6r4D252ABE60EFD7A31AFEEBA",
    "Authorization": "Bearer eyJhbG...lXvZQ"
  },
  "uri": {
    "schema": "https",
    "authority": null,
    "path": [
      "/portal/api/v1/profile/P4",
      "portal",
      "api",
      "v1",
      "profile",
      "P4"
    ],
    "query": "?details=true&type=2"
  },
  "body": {
    "paramA": "value",
    "paramB": "value"
  },
  "meta": {
    "runtimeFineTune": {
      "combinedMultiValue": false
    }
  }
}
```
`method`: The HTTP verb of the original API Request Method.
`headers`: REST API Request Headers. An object value of key-value pairs, mapping each header name (type) to its value.
`uri`: REST API Request URI. An object value with sub-properties for Path, Query params, etc.
`path`: An array of values containing all the URI path parts.
`query`: An object value containing all the query parameters and values.
`body`: REST API Request Body. An object value that includes the full original body payload.
`meta`: Contains all PDP Request Parameters. Refer to the relevant endpoint in this API reference for the list of parameters to add here.
User gets a Permit decision
```json
{
  "result": "PERMIT"
}
```

```json
{
  "result": "DENY"
}
```

```json
{
  "result": "PERMIT",
  "response": [
    {
      "allowed": [
        {
          "path": "AS-XX-12575",
          "action": "Access",
          "template": "Accounts"
        }
      ],
      "denied": [],
      "not_applicable": []
    }
  ]
}
```

```json
{
  "result": "DENY",
  "response": [
    {
      "allowed": [],
      "denied": [
        {
          "path": "AS-XX-12575",
          "action": "Access1",
          "template": "Accounts"
        }
      ],
      "not_applicable": []
    }
  ]
}
```

```json
{
  "result": "DENY",
  "response": [
    {
      "allowed": [
        {
          "path": "AS-XX-12575",
          "action": "Access",
          "template": "Accounts"
        }
      ],
      "denied": [
        {
          "path": "AS-XX-1257566",
          "action": "Access",
          "template": "Accounts"
        }
      ],
      "not_applicable": []
    }
  ]
}
```
An auto-generated key to set the correlation between the requested object and the response object (optional). When working with a single assetContext object, use the “singleObjectResponse” value to align to the original structure response.
Bad Request
Unauthorized
Forbidden
Not Found
Internal Server Error
Not Implemented
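
One way for a calling service to enforce the responses above fail-closed, as an added example (not PlainID's own code): only an exact `PERMIT` grants access, while any of the error statuses listed above, an unparseable body, or a `denied` entry results in a deny. It assumes HTTP 200 is the success status; `is_permitted`, `_pairs` and the sample bodies are constructed for illustration.

```python
import json

# Constructed sample bodies in the shapes shown on this page.
PERMIT_PLAIN = '{"result": "PERMIT"}'
PERMIT_DETAIL = json.dumps({"result": "PERMIT", "response": [{
    "allowed": [{"path": "AS-XX-12575", "action": "Access", "template": "Accounts"}],
    "denied": [], "not_applicable": []}]})
MIXED_DENY = json.dumps({"result": "DENY", "response": [{
    "allowed": [{"path": "AS-XX-12575", "action": "Access", "template": "Accounts"}],
    "denied": [{"path": "AS-XX-1257566", "action": "Access", "template": "Accounts"}],
    "not_applicable": []}]})


def _pairs(entries, key):
    """Collect (path, action) pairs from one list across all response entries."""
    return [(item["path"], item["action"]) for entry in entries for item in entry[key]]


def is_permitted(status_code, body_text, path=None, action=None):
    """Return True only for an unambiguous PERMIT; every other outcome denies."""
    if status_code != 200:  # assumption: 200 is the success status
        return False        # 400/401/403/404/500/501 and anything else
    try:
        doc = json.loads(body_text)
        if doc["result"] != "PERMIT":  # exact match; missing or odd values deny
            return False
        if "response" not in doc:      # plain answer, no additional information
            return True
        allowed = _pairs(doc["response"], "allowed")
        denied = _pairs(doc["response"], "denied")
    except (TypeError, ValueError, KeyError):
        return False                   # malformed body: fail closed
    if denied:
        return False                   # PERMIT that contradicts its own detail
    # When the caller names the asset it is about to serve, require it in "allowed".
    return path is None or (path, action) in allowed


if __name__ == "__main__":
    print(is_permitted(200, PERMIT_DETAIL, "AS-XX-12575", "Access"))
    print(is_permitted(200, MIXED_DENY, "AS-XX-12575", "Access"))
```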