Jump to: navigation, search

Role-Based Access Control

DevGuide2.png Purpose: Understand how to deal with the role-based access implemented in the Context Services.
Available since: 8.1.000.10

Role-Based Access Configuration

Through Configuration Manager or Genesys Administrator, you can define roles for your application built on top of the Context Services. To do this, you assign one or more roles to your users when creating your application's configuration in the Context Services. You are responsible for creating and defining these roles, where each role is a collection of Genesys Administrator Tasks associated with permissions.

IWRolesDefinition.png

Once authenticated, if the use-role option is set to true in the configuration (see the options defined in authentication Section) then the Universal Contact Server checks that each operation is allowed. If not, Error 403 forbidden is returned.

ContextService-Roles-JSON.png
ContextService-Roles-401.png

Mapping Genesys Administrator Task with Context Services

Operations can require that one or more Genesys Administrator Tasks are allowed, depending on what data is modified by the request. If your application's role does not allow all of the rights required for an operation then that operation will not proceed. For example, consider that your application performs a Start Service operation with extensions. If your application's role allows UCS.Service.startService but not UCS.Service.createServiceExtension then the service is neither created nor started. Your application instead receives a HTTP 403 Forbidden error.

Operation Genesys Administrator Tasks
Profile Operations
Create Customer Profile
POST /profiles
  • UCS.Customer.createProfile
  • UCS.Customer.createProfileExtension (if extensions)
Delete Customer Profile
DELETE /profiles/${customer_id}
  • UCS.Customer.deleteCustomerProfile
Delete Record From Profile Extension
PUT /profiles/${customer_id}/extensions/${ext_name}/by/unique
  • UCS.Customer.deleteProfileExtension
Identify Customer
GET /profiles
  • UCS.Customer.readCustomerProfile
  • UCS.Customer.readProfileExtension (if include_extensions is specified in the query)
Insert Extension Records
POST /profiles/${customer_id}/extensions
  • UCS.Customer.createProfileExtension
Bulk Profile Import
POST /profiles/import
  • UCS.Customer.executeBulkImport
  • UCS.Customer.createProfile
  • UCS.Customer.createProfileExtension
Query Customer Profile
GET /profiles/${customer_id}
  • UCS.Customer.readCustomerProfile
  • UCS.Customer.readProfileExtension (if extensions)
Update Customer Profile
PUT /profiles/${customer_id}
  • UCS.Customer.updateCustomerProfile
  • UCS.Customer.updateProfileExtension (if extensions)
Merge Customer Profile
PUT /profiles/${customer_id}/merge/${src_id}/
  • UCS.Customer.mergeCustomerProfile
Update Record In Profile Extension
PUT /profiles/${customer_id}/extensions/${ext_name}/by/unique
  • UCS.Customer.updateProfileExtension
Service Operations
Associate Service
POST /customers/${customer_id}/services/${service_id}
  • UCS.Service.startService
  • UCS.Service.updateServiceExtension (if extension)
Complete Service
POST /services/${service_id}/end
  • UCS.Service.stopService
  • UCS.Service.updateServiceExtension
Delete Record From Service Extension
PUT /services/${service_id}/extensions/${ext_name}/delete/by/unique
  • UCS.Service.deleteServiceExtension
GET /services/anonymous/${contact_key}
GET /customers/${customer_id}/services
GET /services/${service_id}
  • UCS.Service.readService
  • UCS.Service.readServiceExtension (if extensions)
  • UCS.States.readState
  • UCS.Tasks.readTask
Start Service
POST /services/start
  • UCS.Service.startService
  • UCS.Service.createServiceExtension
Update Service Extension
PUT /services/${service_id}/extensions/${ext_name}
  • UCS.Service.updateServiceExtension
Update Record In Service Extension
PUT /services/${service_id}/extensions/${ext_name}/by/unique
  • UCS.Service.updateServiceExtension
State Operations
Complete State
POST /services/${service_id}/states/${state_id}/end
  • UCS.States.stopState
  • UCS.States.updateStateExtension
Delete Record From State Extension
PUT /services/${service_id}/states/${state_id}/extensions/${ext_name}/delete/by/unique
  • UCS.States.deleteStateExtension
Perform State Transition
POST /services/${service_id}/states/transition
  • UCS.States.startState
  • UCS.States.stopState
  • UCS.States.createStateExtension (if extensions)
  • UCS.States.updateStateExtension (if extensions)
GET /services/${service_id}/states
GET /services/${service_id}/states/${state_id}
  • UCS.States.readState
  • UCS.States.readStateExtension (if extensions)
  • UCS.Tasks.readTask
Start State
POST /services/${service_id}/states/start
  • UCS.States.startState
  • UCS.States.createStateExtension
Update State Extension
PUT /services/${service_id}/states/${state_id}/extensions/${ext_name}
  • UCS.States.updateStateExtension
Update Record In State Extension
PUT /services/${service_id}/state/${state_id}extensions/${ext_name}/by/unique
  • UCS.States.updateStateExtension
Task Operations
Complete Task
POST /services/${service_id}/tasks/${task_id}/end
  • UCS.Tasks.stopTask
  • UCS.Tasks.updateTaskExtension
Delete Record From Task Extension
PUT /services/${service_id}/task/${task_id}/extensions/${ext_name}/delete/by/unique
  • UCS.Tasks.deleteTaskExtension
GET /services/${service_id}/tasks
GET /services/${service_id}/tasks/${task_id}
  • UCS.Tasks.readTask
  • UCS.Tasks.readTaskExtension
Start Task
POST /services/${service_id}/tasks/start
  • UCS.Tasks.startTask
  • UCS.Tasks.createTaskExtension
Update Task Extension
PUT /services/${service_id}/tasks/${task_id}/extensions/${extension_name}
  • UCS.Tasks.updateTaskExtension
Update Record In Task Extension
PUT /services/${service_id}/task/${task_id}extensions/${ext_name}/by/unique
  • UCS.Tasks.updateTaskExtension
Schema Operations
Create Profile Extension Schema
POST /metadata/profiles/extensions
  • UCS.SchemaMgt.createProfileExtensionSchema
Create Identification Key
POST /metadata/identification-keys
  • UCS.SchemaMgt.createIdKeys
Create State Extension Schema
POST /metadata/states/extensions
  • UCS.SchemaMgt.createStateExtensionSchema
Create Task Extension Schema
POST /metadata/tasks/extensions
  • UCS.SchemaMgt.createTaskExtensionSchema
Create Service Extension Schema
POST /metadata/services/extensions
  • UCS.SchemaMgt.createServiceExtensionSchema
Get Identification Keys
GET /metadata/identification-keys
  • UCS.SchemaMgt.readIdKeys
Query Profile Schema
GET /metadata/profiles/
  • UCS.SchemaMgt.readProfileExtensionSchema
Query Profile Extension Schema
GET /metadata/profiles/extensions
UCS.SchemaMgt.readProfileExtensionSchema
Query State Extension Schema
GET /metadata/states/extensions
  • UCS.SchemaMgt.readStateExtensionSchema
Query Task Extension Schema
GET /metadata/tasks/extensions
  • UCS.SchemaMgt.readTaskExtensionSchema
Query Service Extension Schema
GET /metadata/services/extensions
  • UCS.SchemaMgt.readServiceExtensionSchema
Query Business Attribute Schema
GET /metadata/business-attributes/${business-attribute-name}
  • UCS.SchemaMgt.readBusinessAttributes
Get Metadata Cache
GET /metadata/cache
  • UCS.SchemaMgt.handleMetadata
Change Metadata Cache
PUT /metadata/cache
  • UCS.SchemaMgt.handleMetadata
Get Metadata
GET ${contenttype}} /metadata
  • UCS.SchemaMgt.handleMetadata
Delete Metadata Profile Extensions
DELETE /metadata/profiles/extensions/${extension-name}
  • UCS.SchemaMgt.deleteProfileExtensionSchema
Delete Metadata Services Extensions
DELETE /metadata/services/extensions/${extension-name}
  • UCS.SchemaMgt.deleteServiceExtensionSchema
Delete Metadata States Extensions
DELETE /metadata/states/extensions/${extension-name}
  • UCS.SchemaMgt.deleteStateExtensionSchema
:Delete Metadata Tasks Extensions
DELETE /metadata/tasks/extensions/${extension-name}
  • UCS.SchemaMgt.deleteTaskExtensionSchema
Delete Metadata Identification Keys
DELETE /metadata/identification-keys/${id_key-name}
  • UCS.SchemaMgt.deleteIdKeys
Interaction Operations
Query Interactions
GET /customers/${customer_id}/interactions
GET /services/${service_id}/interactions
GET /interactions/${interaction_id}
  • UCS.SchemaMgt.readInteraction
Server Operations
Query Server Status
GET /server/status
  • UCS.SystemMgt.readServerInfo
Set Server Mode
POST /server/mode
  • UCS.SystemMgt.changeServerMode
This page was last modified on November 23, 2017, at 07:38.

Feedback

Comment on this article:

blog comments powered by Disqus