Requiring permissions for the /api/v2/integrations/credentials endpoints

Description

Permission requirements are being added to all of the /api/v2/integrations/credentials endpoints.

The “GET” endpoints will require the the “Integrations->Integration->View” permission to retrieve information about credentials.

The “POST /api/v2/integrations/credentials” endpoint will require the “Integrations->Integration->Add” permission in order to create a new credential.

The “DELETE /api/v2/integrations/credentials/{credentialId}” endpoint will require the “Integrations->Integration->Delete” permission in order to delete an existing credential.

The “PUT /api/v2/integrations/credentials/{credentialId}” endpoint will require the “Integrations->Integration->Edit” permission in order to modify an existing credential.

Change Category

API

Change Context

We are introducing this change to enable organizations to control which users can create, view, edit, and delete credentials.

Change Impact

Organizational administrators will have to ensure that users who are authorized to configure credentials have the proper permissions. Users who modify credentials would typically already have the corresponding "Integrations -> Integration" permissions, so it is likely that minimal changes will be required.

Date of Change

Jul 01, 2024

Impacted APIs

GET /api/v2/integrations/credentials
GET /api/v2/integrations/credentials/types
GET /api/v2/integrations/credentials/{credentialId}
POST /api/v2/integrations/credentials
DELETE /api/v2/integrations/credentials/{credentialId}
PUT /api/v2/integrations/credentials/{credentialId}

References

[REG-2708]

Does it have any impact on the premium app?

AppFoundry premium client apps would have already required those permissions to create and update the integrations in the first place. These permissions are now also being applied to any credentials created for those same integrations. It won't have any impact to a premium app installation wizard as administrators running the install wizard would be exacted to have those permissions already or the install wizard would fail.

Thanks for the explanation

Hi guys,

Just remember that if you are using the CX as Code provider to create, update, or delete an integration credential, you will need to make sure your OAuth client that your Terraform script runs under the Integrations->Integration permission.

Thanks,
John Carnell
Director, Developer Engagement

This topic was automatically closed 62 days after the last reply. New replies are no longer allowed.