How Can We Help?

Pure API - Access definitions for content and field filteringPure API - Access definitions for content and field filtering

It is possible to pair API keys with configurable access definitions to specify:

What content is available to what API key.
What metadata is exposed for the different API types.
Whether an API key grants read and write permissions, or only read permissions.

This provides you with much greater control of what data is made available to whom.

For example, it is now possible to:

Set up an API key which grants access to all confidential content (as long as that content is available through Pure API), embargoed documents, and all fields on Persons.
Set up another API key which can only read a few fields on Persons and only has access to public data.

Note: All existing API keys will be migrated and given access definitions that match their old behavior, but can be updated afterwards to the desired access definition.

Information	Screenshot
Overview Setting available to user role: Administrator Location in Pure: Administrator > Pure API > Access definitions Each API keys is now linked to an access definition: You can create multiple access definitions. You can use the same definition with multiple API keys (one-to-many). One API key can be paired with only one access definition (one-to-one).
Access definition editor When creating an access definition, you can specify a number of details in the Access definition editor. Access definition editor > Information Add name and description of your access definition. Access definition editor > Types and fields The Types and fields section includes all the supported types in the Pure API. Each type has been setup to allow all fields where both read and write is enabled. The only exception is the Person API type, where gender, date of birth and nationality fields are not available by default. Access definition editor > Content filters Filters in this section are the same as those available in Administrator > Security > Ws > Authentication requirements and content filtering.
Access definition: customizing accessible types and fields Access definition editor > Types and fields lets you edit each available type to: Specify access mode to the type (read-only, or read and write). Choose fields exposed for that type: You can allow all fields by enabling the 'Allow all fields' setting. All new fields added to the type in the future will also become available in that definition. When the setting is off, you can manually select allowed fields. There is an option to 'Add all' or 'Remove all' fields. This means that you have flexibility to, for example, allow read-only access to some types, and read and write access to others. Note: The names of the fields in the editor correspond to the field names in the JSON response from the API.
Adding an access definition to a new API key When you create a new API key, you need to link it to a specific access definition. Once you have selected the definition, you can preview the details of the definition directly in the API key editor (1) to cross-check how the types and filters have been setup. Important: You still need to configure the endpoints that the API key can access in the API key editor (2). The access definition assigned to the key will only work for the endpoints that are explicitly added for this key.

Existing API keys: initial access definition

Upon upgrade to 5.22.0, an initial access definition will be created and associated with all existing API keys.

The settings of the initial access definition will follow what you had setup for the REST service before the upgrade.

Updated at November 07, 2024

How Can We Help?

Search Results

Filter By Category

Contact Us

Pure API - Access definitions for content and field filteringPure API - Access definitions for content and field filtering