Authorization

In the API v2, almost all endpoints are protected with permission-based checks that ensure that the request is only processed if the authenticated user is authorized to execute this operation.

Below you will find an overview of how these user identity permissions (in short, permissions) are currently configured in our platform.

Scope

Scope	Explanation
Not connected companies	All entities of not connected companies.
Connected companies	All entities of connected companies.
Your company	All entities within your own company.
Your buyer company	All entities within your own buyer company.
Your supplier company	All entities within your own supplier company.
Not connected users	All entities of not connected users.
Connected users	All entities of users linked to a connected company.
Your user	All entities within the user's account.
Your admin	All admin entities within your own company.

Explanation

Not connected companies

All entities of not connected companies.

Connected companies

All entities of connected companies.

Your company

All entities within your own company.

Your buyer company

All entities within your own buyer company.

Your supplier company

All entities within your own supplier company.

Not connected users

All entities of not connected users.

Connected users

All entities of users linked to a connected company.

Your user

All entities within the user's account.

Your admin

All admin entities within your own company.

Scopes with both read and write permissions n/a are not shown in the permission tables below

User Permissions

Dashboard

Supply Chain Activity

Scope	Read Permission	Write Permission
Not connected companies	Not allowed	n/a
Connected companies	Not allowed	n/a
Your company	See all supply chain activity wherein your company is involved	n/a

Scope

Read Permission

Write Permission

Not connected companies

Not allowed

n/a

Connected companies

Not allowed

n/a

Your company

See all supply chain activity wherein your company is involved

n/a

A company is in the lead during an event that's why users are n/a relating to reading permissions.

Order performance metrics

Scope	Read Permission	Write Permission
Not connected companies	Not allowed	n/a
Connected companies	Not allowed	n/a
Your company	See all supply chain activity wherein your company is involved	n/a

Scope

Read Permission

Write Permission

Not connected companies

Not allowed

n/a

Connected companies

Not allowed

n/a

Your company

See all supply chain activity wherein your company is involved

n/a

Orders

Order (line)

Scope	Read Permission	Write Permission
Not connected companies	Not allowed	n/a
Connected companies	Not allowed	n/a
Your supplier company	See all order (line) fields + download attach documents	Execute all "BySupplier" actions (aka commands) + communication , attach documents & add/change item details
Your buyer company	See all order (line) fields + download attach documents	Execute all "ByBuyer" action (aka commands) + communication & attach documents

Scope

Read Permission

Write Permission

Not connected companies

Not allowed

n/a

Connected companies

Not allowed

n/a

Your supplier company

See all order (line) fields + download attach documents

Execute all "BySupplier" actions (aka commands) + communication , attach documents & add/change item details

Your buyer company

See all order (line) fields + download attach documents

Execute all "ByBuyer" action (aka commands) + communication & attach documents

Order (line) activity

Scope	Read Permission	Write Permission
Not connected companies	Not allowed	n/a
Connected companies	See all activities wherein your company is involved	n/a
Your company	See all order (line) activities	n/a
Your user	See all order (line) activities	n/a

Scope

Read Permission

Write Permission

Not connected companies

Not allowed

n/a

Connected companies

See all activities wherein your company is involved

n/a

Your company

See all order (line) activities

n/a

Your user

See all order (line) activities

n/a

Tasks

Scope	Read Permission	Write Permission
Not connected companies	Not allowed	n/a
Connected companies	Not allowed	n/a
Your company	See all conversation & order tasks	Perform all conversation & order tasks
Your user	See al conversation & order tasks	Perform all conversation & order tasks

Scope

Read Permission

Write Permission

Not connected companies

Not allowed

n/a

Connected companies

Not allowed

n/a

Your company

See all conversation & order tasks

Perform all conversation & order tasks

Your user

See al conversation & order tasks

Perform all conversation & order tasks

My Company

Network

Scope	Read Permission	Write Permission
Not connected companies	Not allowed	n/a
Connected companies	Not allowed	n/a
Your company	See all connection details	n/a
Your admin	See all connection details	Add or update a supplier/buyer account code (update not yet implemented)

Scope

Read Permission

Write Permission

Not connected companies

Not allowed

n/a

Connected companies

Not allowed

n/a

Your company

See all connection details

n/a

Your admin

See all connection details

Add or update a supplier/buyer account code (update not yet implemented)

Invite a new connection

Scope	Read Permission	Write Permission
Connected companies	Not allowed	n/a
Your company	Not allowed	n/a
Not connected users	Not allowed	n/a
Connected users	Not allowed	n/a
Your user	Find all not connected sellers NAMES + company name(when you are a buyer) Find all not connected purchases NAMES (when you are a supplier)	send invite

Scope

Read Permission

Write Permission

Connected companies

Not allowed

n/a

Your company

Not allowed

n/a

Not connected users

Not allowed

n/a

Connected users

Not allowed

n/a

Your user

Find all not connected sellers NAMES + company name(when you are a buyer)

Find all not connected purchases NAMES (when you are a supplier)

send invite

Validate a new connection

Scope	Read Permission	Write Permission
Connected companies	Not allowed	n/a
Your company	Received connection request in the portal	Accept/ Reject offer
Not connected users	not Allowed	n/a
Connected users	Not allowed	n/a
Your user	Received e-mail	Accept / Reject offer

Scope

Read Permission

Write Permission

Connected companies

Not allowed

n/a

Your company

Received connection request in the portal

Accept/ Reject offer

Not connected users

not Allowed

n/a

Connected users

Not allowed

n/a

Your user

Received e-mail

Accept / Reject offer

Team

Scope	Read Permission	Write Permission
Not connected companies	Not allowed	Not allowed
Connected companies	Not allowed	Not allowed
Your company	See all team members and positions (if filled)	Not allowed

Scope

Read Permission

Write Permission

Not connected companies

Not allowed

Connected companies

Not allowed

Your company

See all team members and positions (if filled)

Not allowed

Invite a new user

Scope	Read Permission	Write Permission
Your admin	n/a	Send invitation to anybody

Scope

Read Permission

Write Permission

Your admin

n/a

Send invitation to anybody

Only admins and super users are allowed to invite new users

Validate a new user

Scope	Read Permission	Write Permission
Not connected users	Not allowed	Not allowed
Connected users	Not allowed	Not allowed
Your company	Not allowed	Not allowed
Your user	Received e-mail	Create password

Scope

Read Permission

Write Permission

Not connected users

Not allowed

Connected users

Not allowed

Your company

Not allowed

Your user

Received e-mail

Create password

Company settings

Scope	Read Permission	Write Permission
Not connected companies	Public profile	Not allowed
Connected companies	Public profile	Not allowed
Your company	See all settings	Not allowed
Your admin	See all settings	Update all settings

Scope

Read Permission

Write Permission

Not connected companies

Public profile

Not allowed

Connected companies

Public profile

Not allowed

Your company

See all settings

Not allowed

Your admin

See all settings

Update all settings

Public profile is not yet developed, till then Public profile = Not allowed

Company activity

Scope	Read Permission	Write Permission
Not connected companies	Not allowed	n/a
Connected companies	Not allowed	n/a
Your company	See all activity	n/a

Scope

Read Permission

Write Permission

Not connected companies

Not allowed

n/a

Connected companies

Not allowed

n/a

Your company

See all activity

n/a

My profile

User settings

Scope	Read Permission	Write Permission
Not connected users	Public profile	Not allowed
Connected users	Public profile	Not allowed
Your company	All settings except password recovery	Not allowed
Your user	All settings	allowed for all settings

Scope

Read Permission

Write Permission

Not connected users

Public profile

Not allowed

Connected users

Public profile

Not allowed

Your company

All settings except password recovery

Not allowed

Your user

All settings

allowed for all settings

Public profile is not yet developed, till then Public profile = Not allowed

User activity

Scope	Read Permission	Write Permission
Not connected users	Not allowed	n/a
Connected users	Not allowed	n/a
Your company	See all activity	n/a
Your user	See all activity	n/a

Scope

Read Permission

Write Permission

Not connected users

Not allowed

n/a

Connected users

Not allowed

n/a

Your company

See all activity

n/a

Your user

See all activity

n/a

PreviousAuthentication NextEncryption

Last updated 2 years ago