|
Permissions for JWT Tokens |
Scroll |
Special permissions can be configured for custom JWT tokens.
These permissions can be configured on the following levels:
Document |
the:doc |
Case |
the:case |
Case definition |
the:casedef |
Category |
the:ctgry |
Workflow instance |
the:wfinst |
eForm |
the:eform |
Indexing profile |
the:ixprof |
Syntax for configuring custom JWT tokens
Level |
Syntax |
General |
Use the following syntax to create special permissions for JWT tokens: "the:<objecttype>”:”<object_no>:permission”
|
General: Multiple permissions |
The same JWT token can contain multiple permissions for different objects. If multiple permissions for the same object are required they need to be summed up.
For example, DocViewinHitListPermission (4096) and DocPrintPermission (16384) would require the value to be set to 16384+4096= 20480. The permission would look as follows: “the:doc”:”12345:20480”
|
Workflow instance |
Use the following syntax to create Workflow instance (the:wfinst) permissions: "the:wfinst":”InstanceNo:TokenNo:Permission”
For example, a claim could look as follows: "the:wfinst":"69076:1:1090921693199"
Setting the token number to 0 will apply the granted permission to any token.
|
Comments |
Comments are not tied to a specific token. For that reason, the token number must be set to 0 in the claim.
For comments permissions the claim would look as follows: "the:wfinst":”InstanceNo:0:Permission”
For example, a claim could look as follows: "the:wfinst":"69076:0:17592186044416"
|
General: Combining multiple claims |
Use the following syntax to combine multiple claims:
"the:wfinst": [ "69076:1:1090921693199", "69076:0:17592186044416" ]
Claims specifying a token number and claims pertaining to any token can be combined.
|
All available permissions are defined in the Therefore Web API documentation.
