Performs an authorization check for the currently authenticated user.

Method

GET /authorization/check

Parameters

Query Parameters

Name Description Required?
permissionName String value representing the permission name to check for. Yes
permissionValue String representation of an integer value representing the permission value to check for. Yes
resourceName String value for the name of the resource to check permissions for. Yes
resourceType An integer representing the resource type to check permissions for. See the User Guide for a list of integer representations of resource types. Yes
resourceId The id of the resource to check permissions for. If left blank, a check for global permissions on the resource is performed. No

Result

A JSON array with the following properties:

Name Value Description
permissionName String Name of the permission which was checked.
resourceName String The name of the resource for which the permission check was performed.
resourceId String The id of the resource for which the permission check was performed.
isAuthorized Boolean True / false for isAuthorized.

Response Codes

Code Media type Description
200 application/json Request successful.
404 application/json Authorization with given id does not exist. See the Introduction for the error response format.

Example

Request

GET /authorization/check?permissionName=READ,permissionValue=2,resourceName=USER,resourceType=1,resourceId=jonny

Response

Status 200.

  1. {"permissionName": "READ",
  2. "resourceName": "USER",
  3. "resourceId": "jonny",
  4. "isAuthorized": true}

原文: https://docs.camunda.org/manual/7.9/reference/rest/authorization/get-check/