403 with API identity

Submitted by laurent.leseign... on Mon, 05/03/2021 - 17:21

Hi,

when i try to get all users with a specific membership with on a tomcat bundle:

../API/identity/user?p=0&c=10&f=enabled=true&f=role_id=3&f=group_id=20

I get a 403 with a normal user (ok with an admin), but it works in studio (default config)

why don't we have the same behaviour ?
no info is provided in documentation about restrictions https://documentation.bonitasoft.com/bonita/2021.1/identity-api#_read_a_...

thanks,

1 answer

Submitted by romain.bioteau on Tue, 05/04/2021 - 08:53

Hi, In the default Studio organization all users have the admin profile.

HTH
Romain

Comments

Submitted by laurent.leseign... on Tue, 05/04/2021 - 09:15

even for user created on the fly during a process execution ?

this API is not supposed to belong to an admin to get users of a membership

Permalink

Submitted by romain.bioteau on Tue, 05/04/2021 - 09:17

Are the dynamic permissions check enable in your test environment ? They are not in the Studio and are less permissive.

Permalink

Submitted by laurent.leseign... on Tue, 05/04/2021 - 09:23

I don't think so, it's a OOB docker container build by BCD add on

Permalink

Submitted by romain.bioteau on Wed, 05/05/2021 - 09:05

Permalink