Create a New Authorization

Creates a new authorization.

Method

POST /authorization/create

Parameters

Request Body

A JSON object with the following properties:

Name Value Description
type Integer The type of the authorization. (0=global, 1=grant, 2=revoke). See the User Guide for more information about authorization types.
permissions String An array of Strings holding the permissions provided by this authorization.
userId String The id of the user this authorization has been created for. The value "*" represents a global authorization ranging over all users.
groupId String The id of the group this authorization has been created for.
resourceType Integer An integer representing the resource type. See the User Guide for a list of integer representations of resource types.
resourceId String The resource Id. The value "*" represents an authorization ranging over all instances of a resource.

Result

A JSON array with the following properties:

Name Value Description
id String The id of the authorization.
type Integer The type of the authorization (0=global, 1=grant, 2=revoke).
permissions String An array of Strings holding the permissions provided by this authorization.
userId String The id of the user this authorization has been created for. The value "*" represents a global authorization ranging over all users.
groupId String The id of the group this authorization has been created for.
resourceType Integer An integer representing the resource type. See the User Guide for a list of integer representations of resource types.
resourceId String The resource Id. The value "*" represents an authorization ranging over all instances of a resource.
links Object A JSON array containing links to interact with the resource. The links contain only operations that the currently authenticated user would be authorized to perform.
removalTime String The removal time indicates the date a historic instance authorization is cleaned up. A removal time can only be assigned to a historic instance authorization. Can be null when not related to a historic instance resource or when the removal time strategy is end and the root process instance is not finished. Default format yyyy-MM-dd'T'HH:mm:ss.SSSZ.
rootProcessInstanceId String The process instance id of the root process instance the historic instance authorization is related to. Can be null if not related to a historic instance resource.

Response Codes

Code Media type Description
200 application/json Request successful.
400 application/json Returned if some of the properties in the request body are invalid, for example if a permission parameter is not valid for the provided resourceType. See the Introduction for the error response format.
403 application/json The authenticated user is unauthorized to create an instance of this resource. See the Introduction for the error response format.
500 application/json The authorization could not be updated due to an internal server error. See the Introduction for the error response format.

Example

Request

POST /authorization/create

Request Body:

{"type" : 0,
 "permissions": ["CREATE", "READ"],
 "userId": "*",
 "groupId": null,
 "resourceType": 1,
 "resourceId": "*"}

Response

Status 200.

{"id":"anAuthorizationId",
 "type": 0,
 "permissions": ["CREATE", "READ"],
 "userId": "*",
 "groupId": null,
 "resourceType": 1,
 "resourceId": "*",
 "removalTime": "2018-02-10T14:33:19.000+0200",
 "rootProcessInstanceId": "f8259e5d-ab9d-11e8-8449-e4a7a094a9d6",
 "links":[
    {"method": "GET", href":"http://localhost:8080/engine-rest/authorization/anAuthorizationId", "rel":"self"},
    {"method": "PUT", href":"http://localhost:8080/engine-rest/authorization/anAuthorizationId", "rel":"update"},
    {"method": "DELETE", href":"http://localhost:8080/engine-rest/authorization/anAuthorizationId", "rel":"delete"}
  ]}

On this Page: