Authorization
In the API v2, almost all endpoints are protected with permission-based checks that ensure that the request is only processed if the authenticated user is authorized to execute this operation.
Below you will find an overview of how these user identity permissions (in short, permissions) are currently configured in our platform.
Scope
Not connected companies
All entities of not connected companies.
Connected companies
All entities of connected companies.
Your company
All entities within your own company.
Your buyer company
All entities within your own buyer company.
Your supplier company
All entities within your own supplier company.
Not connected users
All entities of not connected users.
Connected users
All entities of users linked to a connected company.
Your user
All entities within the user's account.
Your admin
All admin entities within your own company.
Scopes with both read and write permissions n/a are not shown in the permission tables below
User Permissions
Dashboard
Supply Chain Activity
Not connected companies
Not allowed
n/a
Connected companies
Not allowed
n/a
Your company
See all supply chain activity wherein your company is involved
n/a
A company is in the lead during an event that's why users are n/a relating to reading permissions.
Order performance metrics
Not connected companies
Not allowed
n/a
Connected companies
Not allowed
n/a
Your company
See all supply chain activity wherein your company is involved
n/a
Orders
Order (line)
Not connected companies
Not allowed
n/a
Connected companies
Not allowed
n/a
Your supplier company
See all order (line) fields + download attach documents
Execute all "BySupplier" actions (aka commands) + communication , attach documents & add/change item details
Your buyer company
See all order (line) fields + download attach documents
Execute all "ByBuyer" action (aka commands) + communication & attach documents
Order (line) activity
Not connected companies
Not allowed
n/a
Connected companies
See all activities wherein your company is involved
n/a
Your company
See all order (line) activities
n/a
Your user
See all order (line) activities
n/a
Tasks
Not connected companies
Not allowed
n/a
Connected companies
Not allowed
n/a
Your company
See all conversation & order tasks
Perform all conversation & order tasks
Your user
See al conversation & order tasks
Perform all conversation & order tasks
My Company
Network
Not connected companies
Not allowed
n/a
Connected companies
Not allowed
n/a
Your company
See all connection details
n/a
Your admin
See all connection details
Add or update a supplier/buyer account code (update not yet implemented)
Invite a new connection
Connected companies
Not allowed
n/a
Your company
Not allowed
n/a
Not connected users
Not allowed
n/a
Connected users
Not allowed
n/a
Your user
Find all not connected sellers NAMES + company name(when you are a buyer)
Find all not connected purchases NAMES (when you are a supplier)
send invite
Validate a new connection
Connected companies
Not allowed
n/a
Your company
Received connection request in the portal
Accept/ Reject offer
Not connected users
not Allowed
n/a
Connected users
Not allowed
n/a
Your user
Received e-mail
Accept / Reject offer
Team
Not connected companies
Not allowed
Not allowed
Connected companies
Not allowed
Not allowed
Your company
See all team members and positions (if filled)
Not allowed
Invite a new user
Your admin
n/a
Send invitation to anybody
Only admins and super users are allowed to invite new users
Validate a new user
Not connected users
Not allowed
Not allowed
Connected users
Not allowed
Not allowed
Your company
Not allowed
Not allowed
Your user
Received e-mail
Create password
Company settings
Not connected companies
Public profile
Not allowed
Connected companies
Public profile
Not allowed
Your company
See all settings
Not allowed
Your admin
See all settings
Update all settings
Public profile is not yet developed, till then Public profile = Not allowed
Company activity
Not connected companies
Not allowed
n/a
Connected companies
Not allowed
n/a
Your company
See all activity
n/a
My profile
User settings
Not connected users
Public profile
Not allowed
Connected users
Public profile
Not allowed
Your company
All settings except password recovery
Not allowed
Your user
All settings
allowed for all settings
Public profile is not yet developed, till then Public profile = Not allowed
User activity
Not connected users
Not allowed
n/a
Connected users
Not allowed
n/a
Your company
See all activity
n/a
Your user
See all activity
n/a
Last updated