How to secure BDM REST APIs?

Submitted by singerkd on Sat, 11/07/2015 - 01:45
1
0
-1

Is there a good place we can add code to prevent all users from having access to BDM data through the REST API? It'd be nice to both be able to only display search results/objects for users who should have access to them (using custom code to filter them out) as well as only display fields that they should be able to see (in case we have internal fields that shouldn't be exposed.)

Thank you!

BDM
1 answer

Submitted by laurent.leseign... on Wed, 02/24/2016 - 20:55
1
0
-1

Hi,

you can use dynamic authorization checking as explain in documentation: http://documentation.bonitasoft.com/rest-api-authorization-0#dynamic to check which user is allowed to access BDM data.

regards,

L.

Notifications