Access to the methods or endpoints of the web service can be controlled by a role- or group-based authentication policy.
In order to add a Role / Group-based Access Control policy, an Authentication policy must be added first.
To define the Role / Group-based Access Control policy, fill in the fields described below.
Add Roles to Header: If this option is checked and authorization succeeds, APINIZER adds the roles of the client to the “X-Authenticated-UserRoles” header.
Identity/Role/Group Service:
Roles/Groups: Enter a comma-separated list of roles for the API. The client must have ALL or ANY (whichever is selected below) of the Roles/Groups defined here to access the API.
Enable Role/Group Based Method Access: When this option is enabled, the Role or Group information that users need in order to access individual methods of the web service can be defined. In the first input field, the role or group name is selected; in the second input field, the necessity of the roles is selected.
Error Message Customization: The error code and error message that you want to customize for this policy are entered.
Click the Save button to save the operation.
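The following sketch is an added example, not Apinizer code, showing how the ALL/ANY role check, a method-level rule and the “X-Authenticated-UserRoles” header described above fit together. The policy dictionary layout, the function names, the comma-joined header format, the handling of an empty role list, the combination of API-level and method-level checks, and the removal of an inbound copy of the header are all assumptions made for illustration.

```python
# Added illustration; not Apinizer code. Anything marked "assumed" is not from the page.
ROLES_HEADER = "X-Authenticated-UserRoles"  # header name taken from the page

def parse_roles(csv):
    """Split a comma-separated role list, ignoring blanks and surrounding spaces."""
    return {r.strip() for r in csv.split(",") if r.strip()}

def satisfies(required, client_roles, mode):
    """mode is 'ALL' or 'ANY', as selected in the policy."""
    if mode not in ("ALL", "ANY"):
        raise ValueError(f"unknown mode: {mode}")
    if not required:
        return True  # assumed: an empty list imposes no restriction
    if mode == "ALL":
        return required <= client_roles
    return bool(required & client_roles)

def authorize(policy, method, client_roles, headers):
    """Return (status, headers) on success or (error_code, error_message) on failure."""
    client_roles = set(client_roles)
    checks = [(parse_roles(policy["roles"]), policy["mode"])]
    # Assumed: a method-level rule is checked in addition to the API-level list.
    rules = policy.get("method_rules", {})
    if policy.get("method_access_enabled") and method in rules:
        checks.append((parse_roles(rules[method]["roles"]), rules[method]["mode"]))
    if not all(satisfies(req, client_roles, mode) for req, mode in checks):
        return policy["error_code"], policy["error_message"]
    # Assumed: drop any inbound copy so the backend only sees roles set by the gateway.
    out = {k: v for k, v in headers.items() if k.lower() != ROLES_HEADER.lower()}
    if policy.get("add_roles_to_header"):
        out[ROLES_HEADER] = ",".join(sorted(client_roles))  # assumed format
    return 200, out

# Constructed sample policy (all values are made up for this example)
POLICY = {
    "roles": "staff, auditor", "mode": "ANY", "add_roles_to_header": True,
    "method_access_enabled": True,
    "method_rules": {"deleteAccount": {"roles": "staff,admin", "mode": "ALL"}},
    "error_code": 403, "error_message": "Role check failed",
}

if __name__ == "__main__":
    inbound = {"x-authenticated-userroles": "admin", "Accept": "application/json"}
    print(authorize(POLICY, "getAccount", ["staff"], inbound))
    print(authorize(POLICY, "deleteAccount", ["staff"], inbound))
    print(authorize(POLICY, "deleteAccount", ["staff", "admin"], {}))
```

A backend that trusts this header should accept it only on requests that arrive through the gateway.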