Permissions
Audience: Admins, Developers, Solution Architects
Purpose: Explains how Kizen permissions work and how to retrieve a user’s permissions using the API.
Overview
Kizen's highly configurable permissions engine allows for fine-grained access control to objects, entities, and actions that can be taken. When using the API, it’s important to be aware what permissions the current user has.
To fetch the user’s current permissions, make a GET call to /api/auth/access. This endpoint takes no additional parameters, and simply returns a JSON object with the current user’s permissions:
curl -X GET "https://app.go.kizen.com/api/auth/access" \
-H 'accept: application/json' The JSON response includes a number of fields that describe the user’s permissions:
Section Permissions
The sections value in the JSON has permission information for specific features and parts of the app. These allow or deny access to things like dashboards, homepages, custom object creation, and other core features.
There are other permissions types you can set as well. See the following topics for more information on them:
What's Next
You can apply this information when building integrations, automations, or plugins that need to respect user access and authorization rules within Kizen.
Last updated
Was this helpful?