Ajouter des autorisations API
Vous pouvez ajouter des autorisations à une API à l’aide d’Auth0 Dashboard ou de Management API.
Par défaut, tout utilisateur d’une application peut demander n’importe quelle autorisation définie ici. Vous pouvez mettre en œuvre des politiques d’accès pour limiter ce comportement au moyen des de règles.
Utiliser le Dashboard
Rendez-vous à Dashboard > Applications > API et cliquez sur le nom de l’API à afficher.
Allez dans l’onglet Autorisations et saisissez un nom de permission et une description pour la permission que vous souhaitez ajouter. Veillez à ne pas utiliser de noms de permission réservés (voir la section Noms réservés).
Cliquez sur Ajouter. N’oubliez pas que les applications individuelles peuvent avoir besoin d’autorisatoins et/ou de permissions mises à jour pour interagir correctement avec l’API.
Utiliser Management API
Corriger les permissions avec un objet vide supprime entièrement les permissions. N’oubliez pas d’incluretoutes les valeurs ci-dessous lors de l’exécution d’un appel PATCH.
Effectuez un appel PATCH au point de terminaison Update Resource Server. Veillez à remplacer les valeurs fictives API_ID, MGMT_API_ACCESS_TOKEN, PERMISSION_NAME et PERMISSION_DESC par votre identifiant d’API, votre jeton d’accès à Management API, le(s) nom(s) de la permission et la(les) description(s) de la permission, respectivement. Veillez à ne pas utiliser de noms de permission réservés (voir la section Noms réservés).
curl --request PATCH \
--url 'https://{yourDomain}/api/v2/resource-servers/API_ID' \
--header 'authorization: Bearer MGMT_API_ACCESS_TOKEN' \
--header 'cache-control: no-cache' \
--header 'content-type: application/json' \
--data '{ "scopes": [ { "value": "PERMISSION_NAME", "description": "PERMISSION_DESC" }, { "value": "PERMISSION_NAME", "description": "PERMISSION_DESC" } ] }'Was this helpful?
var client = new RestClient("https://{yourDomain}/api/v2/resource-servers/API_ID");
var request = new RestRequest(Method.PATCH);
request.AddHeader("content-type", "application/json");
request.AddHeader("authorization", "Bearer MGMT_API_ACCESS_TOKEN");
request.AddHeader("cache-control", "no-cache");
request.AddParameter("application/json", "{ \"scopes\": [ { \"value\": \"PERMISSION_NAME\", \"description\": \"PERMISSION_DESC\" }, { \"value\": \"PERMISSION_NAME\", \"description\": \"PERMISSION_DESC\" } ] }", ParameterType.RequestBody);
IRestResponse response = client.Execute(request);Was this helpful?
package main
import (
"fmt"
"strings"
"net/http"
"io/ioutil"
)
func main() {
url := "https://{yourDomain}/api/v2/resource-servers/API_ID"
payload := strings.NewReader("{ \"scopes\": [ { \"value\": \"PERMISSION_NAME\", \"description\": \"PERMISSION_DESC\" }, { \"value\": \"PERMISSION_NAME\", \"description\": \"PERMISSION_DESC\" } ] }")
req, _ := http.NewRequest("PATCH", url, payload)
req.Header.Add("content-type", "application/json")
req.Header.Add("authorization", "Bearer MGMT_API_ACCESS_TOKEN")
req.Header.Add("cache-control", "no-cache")
res, _ := http.DefaultClient.Do(req)
defer res.Body.Close()
body, _ := ioutil.ReadAll(res.Body)
fmt.Println(res)
fmt.Println(string(body))
}Was this helpful?
HttpResponse<String> response = Unirest.patch("https://{yourDomain}/api/v2/resource-servers/API_ID")
.header("content-type", "application/json")
.header("authorization", "Bearer MGMT_API_ACCESS_TOKEN")
.header("cache-control", "no-cache")
.body("{ \"scopes\": [ { \"value\": \"PERMISSION_NAME\", \"description\": \"PERMISSION_DESC\" }, { \"value\": \"PERMISSION_NAME\", \"description\": \"PERMISSION_DESC\" } ] }")
.asString();Was this helpful?
var axios = require("axios").default;
var options = {
method: 'PATCH',
url: 'https://{yourDomain}/api/v2/resource-servers/API_ID',
headers: {
'content-type': 'application/json',
authorization: 'Bearer MGMT_API_ACCESS_TOKEN',
'cache-control': 'no-cache'
},
data: {
scopes: [
{value: 'PERMISSION_NAME', description: 'PERMISSION_DESC'},
{value: 'PERMISSION_NAME', description: 'PERMISSION_DESC'}
]
}
};
axios.request(options).then(function (response) {
console.log(response.data);
}).catch(function (error) {
console.error(error);
});Was this helpful?
#import <Foundation/Foundation.h>
NSDictionary *headers = @{ @"content-type": @"application/json",
@"authorization": @"Bearer MGMT_API_ACCESS_TOKEN",
@"cache-control": @"no-cache" };
NSDictionary *parameters = @{ @"scopes": @[ @{ @"value": @"PERMISSION_NAME", @"description": @"PERMISSION_DESC" }, @{ @"value": @"PERMISSION_NAME", @"description": @"PERMISSION_DESC" } ] };
NSData *postData = [NSJSONSerialization dataWithJSONObject:parameters options:0 error:nil];
NSMutableURLRequest *request = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:@"https://{yourDomain}/api/v2/resource-servers/API_ID"]
cachePolicy:NSURLRequestUseProtocolCachePolicy
timeoutInterval:10.0];
[request setHTTPMethod:@"PATCH"];
[request setAllHTTPHeaderFields:headers];
[request setHTTPBody:postData];
NSURLSession *session = [NSURLSession sharedSession];
NSURLSessionDataTask *dataTask = [session dataTaskWithRequest:request
completionHandler:^(NSData *data, NSURLResponse *response, NSError *error) {
if (error) {
NSLog(@"%@", error);
} else {
NSHTTPURLResponse *httpResponse = (NSHTTPURLResponse *) response;
NSLog(@"%@", httpResponse);
}
}];
[dataTask resume];Was this helpful?
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://{yourDomain}/api/v2/resource-servers/API_ID",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "PATCH",
CURLOPT_POSTFIELDS => "{ \"scopes\": [ { \"value\": \"PERMISSION_NAME\", \"description\": \"PERMISSION_DESC\" }, { \"value\": \"PERMISSION_NAME\", \"description\": \"PERMISSION_DESC\" } ] }",
CURLOPT_HTTPHEADER => [
"authorization: Bearer MGMT_API_ACCESS_TOKEN",
"cache-control: no-cache",
"content-type: application/json"
],
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}Was this helpful?
import http.client
conn = http.client.HTTPSConnection("")
payload = "{ \"scopes\": [ { \"value\": \"PERMISSION_NAME\", \"description\": \"PERMISSION_DESC\" }, { \"value\": \"PERMISSION_NAME\", \"description\": \"PERMISSION_DESC\" } ] }"
headers = {
'content-type': "application/json",
'authorization': "Bearer MGMT_API_ACCESS_TOKEN",
'cache-control': "no-cache"
}
conn.request("PATCH", "/{yourDomain}/api/v2/resource-servers/API_ID", payload, headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))Was this helpful?
require 'uri'
require 'net/http'
require 'openssl'
url = URI("https://{yourDomain}/api/v2/resource-servers/API_ID")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
http.verify_mode = OpenSSL::SSL::VERIFY_NONE
request = Net::HTTP::Patch.new(url)
request["content-type"] = 'application/json'
request["authorization"] = 'Bearer MGMT_API_ACCESS_TOKEN'
request["cache-control"] = 'no-cache'
request.body = "{ \"scopes\": [ { \"value\": \"PERMISSION_NAME\", \"description\": \"PERMISSION_DESC\" }, { \"value\": \"PERMISSION_NAME\", \"description\": \"PERMISSION_DESC\" } ] }"
response = http.request(request)
puts response.read_bodyWas this helpful?
import Foundation
let headers = [
"content-type": "application/json",
"authorization": "Bearer MGMT_API_ACCESS_TOKEN",
"cache-control": "no-cache"
]
let parameters = ["scopes": [
[
"value": "PERMISSION_NAME",
"description": "PERMISSION_DESC"
],
[
"value": "PERMISSION_NAME",
"description": "PERMISSION_DESC"
]
]] as [String : Any]
let postData = JSONSerialization.data(withJSONObject: parameters, options: [])
let request = NSMutableURLRequest(url: NSURL(string: "https://{yourDomain}/api/v2/resource-servers/API_ID")! as URL,
cachePolicy: .useProtocolCachePolicy,
timeoutInterval: 10.0)
request.httpMethod = "PATCH"
request.allHTTPHeaderFields = headers
request.httpBody = postData as Data
let session = URLSession.shared
let dataTask = session.dataTask(with: request as URLRequest, completionHandler: { (data, response, error) -> Void in
if (error != nil) {
print(error)
} else {
let httpResponse = response as? HTTPURLResponse
print(httpResponse)
}
})
dataTask.resume()Was this helpful?
Lorsque vous ajoutez ou mettez à jour des permissions, Management API exige que vous transmettiez toutes les permissions que vous souhaiteriez inclure. Si l’une des permissions existantes n’est pas transmise, elle sera retirée.
| Valeur | Description |
|---|---|
API_ID |
ID de l’API pour laquelle vous souhaitez supprimer les autorisations. |
MGMT_API_ACCESS_TOKEN |
Jeton d’accès pour Management API avec la permission update:resource_servers. |
PERMISSION_NAME |
Nom(s) de la ou des autorisations que vous souhaitez conserver pour l’API spécifiée. |
PERMISSION_DESC |
Description(s) conviviales de la ou des autorisations que vous souhaitez conserver pour l’API spécifiée. |
Noms réservés
Les noms de permission suivants sont réservés et ne peuvent pas être définis en tant que permissions API personnalisées :
address
created_at
email
email_verified
family_name
given_name
identities
name
nickname
offline_access
openid
phone
image
profile