search

Authorization

In the API v2, almost all endpoints are protected with permission-based checks that ensure that the request is only processed if the authenticated user is authorized to execute this operation.

Below you will find an overview of how these user identity permissions (in short, permissions) are currently configured in our platform.

hashtag
Scope

Scope
Explanation

Not connected companies

All entities of not connected companies.

Connected companies

All entities of connected companies.

Your company

All entities within your own company.

Your buyer company

All entities within your own buyer company.

Your supplier company

All entities within your own supplier company.

Not connected users

All entities of not connected users.

Connected users

All entities of users linked to a connected company.

Your user

All entities within the user's account.

Your admin

All admin entities within your own company.

circle-info

Scopes with both read and write permissions n/a are not shown in the permission tables below

hashtag
User Permissions

hashtag
Dashboard

hashtag
Supply Chain Activity

Scope
Read Permission
Write Permission

Not connected companies

Not allowed

n/a

Connected companies

Not allowed

n/a

Your company

See all supply chain activity wherein your company is involved

n/a

circle-info

A company is in the lead during an event that's why users are n/a relating to reading permissions.

hashtag
Order performance metrics

Scope
Read Permission
Write Permission

Not connected companies

Not allowed

n/a

Connected companies

Not allowed

n/a

Your company

See all supply chain activity wherein your company is involved

n/a

hashtag
Orders

hashtag
Order (line)

Scope
Read Permission
Write Permission

Not connected companies

Not allowed

n/a

Connected companies

Not allowed

n/a

Your supplier company

See all order (line) fields + download attach documents

Execute all "BySupplier" actions (aka commands) + communication , attach documents & add/change item details

Your buyer company

See all order (line) fields + download attach documents

Execute all "ByBuyer" action (aka commands) + communication & attach documents

hashtag
Order (line) activity

Scope
Read Permission
Write Permission

Not connected companies

Not allowed

n/a

Connected companies

See all activities wherein your company is involved

n/a

Your company

See all order (line) activities

n/a

Your user

See all order (line) activities

n/a

hashtag
Tasks

Scope
Read Permission
Write Permission

Not connected companies

Not allowed

n/a

Connected companies

Not allowed

n/a

Your company

See all conversation & order tasks

Perform all conversation & order tasks

Your user

See al conversation & order tasks

Perform all conversation & order tasks

hashtag
My Company

hashtag
Network

Scope
Read Permission
Write Permission

Not connected companies

Not allowed

n/a

Connected companies

Not allowed

n/a

Your company

See all connection details

n/a

Your admin

See all connection details

Add or update a supplier/buyer account code (update not yet implemented)

hashtag
Invite a new connection

Scope
Read Permission
Write Permission

Connected companies

Not allowed

n/a

Your company

Not allowed

n/a

Not connected users

Not allowed

n/a

Connected users

Not allowed

n/a

Your user

Find all not connected sellers NAMES + company name(when you are a buyer)

Find all not connected purchases NAMES (when you are a supplier)

send invite

hashtag
Validate a new connection

Scope
Read Permission
Write Permission

Connected companies

Not allowed

n/a

Your company

Received connection request in the portal

Accept/ Reject offer

Not connected users

not Allowed

n/a

Connected users

Not allowed

n/a

Your user

Received e-mail

Accept / Reject offer

hashtag
Team

Scope
Read Permission
Write Permission

Not connected companies

Not allowed

Not allowed

Connected companies

Not allowed

Not allowed

Your company

See all team members and positions (if filled)

Not allowed

hashtag
Invite a new user

Scope
Read Permission
Write Permission

Your admin

n/a

Send invitation to anybody

circle-info

Only admins and super users are allowed to invite new users

hashtag
Validate a new user

Scope
Read Permission
Write Permission

Not connected users

Not allowed

Not allowed

Connected users

Not allowed

Not allowed

Your company

Not allowed

Not allowed

Your user

Received e-mail

Create password

hashtag
Company settings

Scope
Read Permission
Write Permission

Not connected companies

Public profile

Not allowed

Connected companies

Public profile

Not allowed

Your company

See all settings

Not allowed

Your admin

See all settings

Update all settings

circle-info

Public profile is not yet developed, till then Public profile = Not allowed

hashtag
Company activity

Scope
Read Permission
Write Permission

Not connected companies

Not allowed

n/a

Connected companies

Not allowed

n/a

Your company

See all activity

n/a

hashtag
My profile

hashtag
User settings

Scope
Read Permission
Write Permission

Not connected users

Public profile

Not allowed

Connected users

Public profile

Not allowed

Your company

All settings except password recovery

Not allowed

Your user

All settings

allowed for all settings

circle-info

Public profile is not yet developed, till then Public profile = Not allowed

hashtag
User activity

Scope
Read Permission
Write Permission

Not connected users

Not allowed

n/a

Connected users

Not allowed

n/a

Your company

See all activity

n/a

Your user

See all activity

n/a

PreviousAuthenticationNextEncryption

Last updated