Introduction
In case of multiple clients, if you want to allow access to only specific resources for selected clients in Xelence, you can configure the necessary permissions using this process. It restricts data exposure to only authorized client applications, preventing unauthorized access and ensures that each client interacts solely with their own data.
Prerequisites
- These process configurations are to be done in case of multiple client applications registered.
- The entity, BPM, correspondence, and batch file must already exist as required.
- The Allow From Platform API flag must be set to True for all desired resources that need to be exposed from the Form's configuration screen.
|
Quick Steps |
| 1 |
Open the Configuration window |
| 2 |
Open the API Security section |
| 3 |
Add the Client |
| 4 |
Enter the details, then click Finish |
| 5 |
Add the Client Details for Entity |
| 6 |
Enter the details, then click OK |
| 7 |
Add BPM, Correspondence or Batch file details, if desired |
Detailed Steps
Step 1. Open the Configuration window.
Click the Configuration icon at the top right corner of the Xelence landing page.
Step 2. Open the API Security section.
In the Application Configurations tab, select the API Security section.
This is where you can configure API Security for different client applications.
Step 3. Add the client.
Click the Add icon to add a registered client.
Step 4. Enter the details, then click Finish.
The important properties are:
Step 5. Add Client Details for Entity.
Open the Entity tab and click the Add icon to expose the desired entity details to the recently added client.
Step 6. Enter the details, then click OK.
The important properties are:
- Name: Specifies the name of the entity file that needs to be exposed to the selected client.
- Method: Specifies the Load or XML method which is exposed to the selected client. This method already exists in the entity.
- Rule: Specifies the rule which is exposed to the selected client. This rule already exists in the entity.
- Query: Specifies the query which is exposed to the selected client. This query already exists in the entity.
The available scopes are:
DATA_GET: This scope grants permission to retrieve data from the application for the API.
DATA_DELETE: This scope grants permission to delete an existing record from the application database.
DATA_NEW: This scope grants permission to create a new record in the application database.
DATA_PATCH: This scope grants permission to update any existing record from the application database.
All the data scopes are checked by default. You can uncheck any desired scope, so that it is unavailable for the selected client.
Only the configured entity and its associated resources are exposed to the selected client.
Step 7. Add BPM, Correspondence or Batch file details, if desired.
Open the desired tab and click the Add icon to add the desired file that needs to be exposed to the selected client.
The important property to update is:
- Name: Specifies the name of the file that needs to be exposed to the selected client. This file must already exist in the application.
Similarly, the BPM file has been added and thereby it is only exposed to the selected client.
#Xelence
#API
#PlatformAPI