Authorization

Concerning access, there are three types of REST APIs: public REST APIs, REST APIs with role-based access control (RBAC) and REST APIs with attribute-based access control (ABAC).

Public REST APIs

REST API Access Level
OAI API public
Object API public
Query API public

REST APIs with Role-Based Access Control (RBAC)

REST API Access Level Role
Deposit API protected ROLE_DEPOSITOR
Ingest API protected ROLE_MANAGER
WebDAV API protected ROLE_MANAGER

REST APIs with Attribute-Based Access Control (ABAC)

See also: File System ACLs.

REST API Access Levels ACL Mode ACL Agent
Annotation API
  • embargo
  • private
  • protected
  • public
  •  
  • acl:Read
  • acl:Read
  • acl:Read
  •  
  • {username}
  • acl:AuthenticatedAgent
  • foaf:Agent
Download API
  • embargo
  • private
  • protected
  • public
  •  
  • acl:Read
  • acl:Read
  • acl:Read
  •  
  • {username}
  • acl:AuthenticatedAgent
  • foaf:Agent
Media API
  • embargo
  • private
  • protected
  • public
  •  
  • acl:Read
  • acl:Read
  • acl:Read
  •  
  • {username}
  • acl:AuthenticatedAgent
  • foaf:Agent