Role-Based Access Control
|
Purpose: Understand how to deal with the role-based access implemented in the Context Services. Available since: 8.1.000.10
|
Role-Based Access Configuration
Through Configuration Manager or Genesys Administrator, you can define roles for your application built on top of the Context Services. To do this, you assign one or more roles to your users when creating your application's configuration in the Context Services. You are responsible for creating and defining these roles, where each role is a collection of Genesys Administrator Tasks associated with permissions.
Once authenticated, if the use-role option is set to true in the configuration (see the options defined in authentication Section) then the Universal Contact Server checks that each operation is allowed. If not, Error 403 forbidden is returned.
Mapping Genesys Administrator Task with Context Services
Operations can require that one or more Genesys Administrator Tasks are allowed, depending on what data is modified by the request. If your application's role does not allow all of the rights required for an operation then that operation will not proceed. For example, consider that your application performs a Start Service operation with extensions. If your application's role allows UCS.Service.startService but not UCS.Service.createServiceExtension then the service is neither created nor started. Your application instead receives a HTTP 403 Forbidden error.
| Operation | Genesys Administrator Tasks | |
|---|---|---|
| Profile Operations | ||
| Create Customer Profile POST /profiles
|
| |
| Delete Customer Profile DELETE /profiles/${customer_id}
|
| |
| Delete Record From Profile Extension PUT /profiles/${customer_id}/extensions/${ext_name}/by/unique
|
| |
| Identify Customer GET /profiles
|
| |
| Insert Extension Records POST /profiles/${customer_id}/extensions
|
| |
| Bulk Profile Import POST /profiles/import
|
| |
| Query Customer Profile GET /profiles/${customer_id}
|
| |
| Update Customer Profile PUT /profiles/${customer_id}
|
| |
| Merge Customer Profile PUT /profiles/${customer_id}/merge/${src_id}/
|
| |
| Update Record In Profile Extension PUT /profiles/${customer_id}/extensions/${ext_name}/by/unique
|
| |
| Service Operations | ||
| Associate Service POST /customers/${customer_id}/services/${service_id}
|
| |
| Complete Service POST /services/${service_id}/end
|
| |
| Delete Record From Service Extension PUT /services/${service_id}/extensions/${ext_name}/delete/by/unique
|
| |
|
GET /services/anonymous/${contact_key} GET /customers/${customer_id}/services
GET /services/${service_id}
|
| |
| Start Service POST /services/start
|
| |
| Update Service Extension PUT /services/${service_id}/extensions/${ext_name}
|
| |
| Update Record In Service Extension PUT /services/${service_id}/extensions/${ext_name}/by/unique
|
| |
| State Operations | ||
| Complete State POST /services/${service_id}/states/${state_id}/end
|
| |
| Delete Record From State Extension PUT /services/${service_id}/states/${state_id}/extensions/${ext_name}/delete/by/unique
|
| |
| Perform State Transition POST /services/${service_id}/states/transition
|
| |
|
GET /services/${service_id}/states
GET /services/${service_id}/states/${state_id}
|
| |
| Start State POST /services/${service_id}/states/start
|
| |
| Update State Extension PUT /services/${service_id}/states/${state_id}/extensions/${ext_name}
|
| |
| Update Record In State Extension PUT /services/${service_id}/state/${state_id}extensions/${ext_name}/by/unique
|
| |
| Task Operations | ||
| Complete Task POST /services/${service_id}/tasks/${task_id}/end
|
| |
| Delete Record From Task Extension PUT /services/${service_id}/task/${task_id}/extensions/${ext_name}/delete/by/unique
|
| |
|
GET /services/${service_id}/tasks
GET /services/${service_id}/tasks/${task_id}
|
| |
| Start Task POST /services/${service_id}/tasks/start
|
| |
| Update Task Extension PUT /services/${service_id}/tasks/${task_id}/extensions/${extension_name}
|
| |
| Update Record In Task Extension PUT /services/${service_id}/task/${task_id}extensions/${ext_name}/by/unique
|
| |
| Schema Operations | ||
| Create Profile Extension Schema POST /metadata/profiles/extensions
|
| |
| Create Identification Key POST /metadata/identification-keys
|
| |
| Create State Extension Schema POST /metadata/states/extensions
|
| |
| Create Task Extension Schema POST /metadata/tasks/extensions
|
| |
| Create Service Extension Schema POST /metadata/services/extensions
|
| |
| Get Identification Keys GET /metadata/identification-keys
|
| |
| Query Profile Schema GET /metadata/profiles/
|
| |
| Query Profile Extension Schema GET /metadata/profiles/extensions
|
UCS.SchemaMgt.readProfileExtensionSchema | |
| Query State Extension Schema GET /metadata/states/extensions
|
| |
| Query Task Extension Schema GET /metadata/tasks/extensions
|
| |
| Query Service Extension Schema GET /metadata/services/extensions
|
| |
| Query Business Attribute Schema GET /metadata/business-attributes/${business-attribute-name}
|
| |
| Get Metadata Cache GET /metadata/cache
|
| |
| Change Metadata Cache PUT /metadata/cache
|
| |
| Get Metadata GET ${contenttype}} /metadata
|
| |
| Delete Metadata Profile Extensions DELETE /metadata/profiles/extensions/${extension-name}
|
| |
| Delete Metadata Services Extensions DELETE /metadata/services/extensions/${extension-name}
|
| |
| Delete Metadata States Extensions DELETE /metadata/states/extensions/${extension-name}
|
| |
| :Delete Metadata Tasks Extensions DELETE /metadata/tasks/extensions/${extension-name}
|
| |
| Delete Metadata Identification Keys DELETE /metadata/identification-keys/${id_key-name}
|
| |
| Interaction Operations | ||
| Query Interactions GET /customers/${customer_id}/interactions GET /services/${service_id}/interactions GET /interactions/${interaction_id}
|
| |
| Server Operations | ||
| Query Server Status GET /server/status
|
| |
| Set Server Mode POST /server/mode
|
| |
This page was last edited on November 23, 2017, at 14:38.
Comments or questions about this documentation? Contact us for support!