Magnolia 5.6 reached end of life on June 25, 2020. This branch is no longer supported, see End-of-life policy.
There are three levels of control when REST requests are issued:
Permissions to issue REST requests are controlled using Magnolia's standard role-based security mechanism.
...
URI permissions are granted by Access Control Lists (ACL). An ACL grants access to a path for Get or Get & Post.
...
Info |
---|
JCR access security can be bypassed for the |
...
...
Command level security access is the lowest level of access you can configure by role for REST endpoints.
Include Page | ||||
---|---|---|---|---|
|
Role-based access to specific commands can be configured in the rest-services
module: /modules/rest-services/rest-endpoints/commands/enabledCommands/
... requires further, nice hopefully well understandable bla bla ... :-|.
Endpoints always require URI access, they may also require JCR access or a specific role defined defined at a command level.
...