Is it possible to give a user read only access to the API?
We have created an app that is used to input data. The data should also be available outside the app in for instance a WebGIS system. For that purpose we can use the API. I would like to give a user just read access with the API, without write or delete access. Also there is no need for that user to be a developer or regular user of the apps.
How can I best organise this?
Hi @thomasvdl ,
If you want to control the access rights through the API, it is very similar to having access rights through the user interface. An API can be used with a Personal Access Token of a user. That user’s access rights governs the scope of the data usage. Therefore, if you want to make the data of an entity/workspace/app available through an external platform with limited rights, I would recommend setting up a user on the VIKTOR platform that represents the rights that you would like to have for the API. And then assign the access rights scope for that user.
I hope this makes sense. Let me know if it is not clear.
Hi @mslootweg,
Thank you for the answer. It makes sense.
Just to be sure… I see two options to set access rights:
Are these the only options or are there more?
The options you are referring to are the environment’s access rights.
You can also set the workspace rights. Here is a link that gives an overview of the rights that you can set within a workspace:
To navigate to setting these rights, you enter your workspace, and click on the “Administrator” tab.
