API Authorization

Authorizing API requests.

Please note that the OntoPop backend open-source software project, which includes the event-driven data pipelines and APIs, is undergoing extensive redesign and refactoring as part of OntoPop Community 3.x in order to improve performance, security, extensibility and maintainability. As a result, the documentation on this page will be significantly updated. Please refer to the OntoPop Roadmap for further information.

Authorities

As described in API Authentication, each API Key issued to a client application has an associated set of roles that is used to authorize requests. The following table lists the roles (authorities) that must be provisioned to the client application for it to access the relevant OntoPop API collection. These roles are required only if OntoPop's native API authentication mechanism is enabled; otherwise all of the following roles are automatically granted.

| OntoPop API Collection | Role Required |
| --- | --- |
| Management API | ROLE_ONTOPOP_MANAGEMENT_API |
| Triplestore API | ROLE_ONTOPOP_TRIPLESTORE_API |
| Graph API | ROLE_ONTOPOP_GRAPH_API |
| Search API | ROLE_ONTOPOP_SEARCH_API |
| Mapping API | ROLE_ONTOPOP_MAPPING_API |

If the client application has provided a valid API Key but does not have the relevant privileges to access the requested API, then an HTTP 403 Forbidden response status will be returned to the client application.
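
A least-privilege audit built on the role table above, as an added example that is not part of the OntoPop code base: for each client it reports which calls would be answered with 403 Forbidden and which provisioned roles the client never needs. The short collection labels, the function names and the sample clients are assumptions constructed for illustration.

```python
# Added example, not OntoPop code. Role names are from the table above;
# the short collection labels and the sample clients are constructed.
REQUIRED_ROLE = {
    "management": "ROLE_ONTOPOP_MANAGEMENT_API",
    "triplestore": "ROLE_ONTOPOP_TRIPLESTORE_API",
    "graph": "ROLE_ONTOPOP_GRAPH_API",
    "search": "ROLE_ONTOPOP_SEARCH_API",
    "mapping": "ROLE_ONTOPOP_MAPPING_API",
}
KNOWN_ROLES = set(REQUIRED_ROLE.values())


def is_allowed(collection, key_roles, native_auth_enabled=True):
    """Authorization decision for a request that carries a valid API Key.

    False corresponds to the HTTP 403 Forbidden response described above.
    """
    required = REQUIRED_ROLE[collection]  # KeyError on an unknown label
    if not native_auth_enabled:
        return True  # all roles are automatically granted
    return required in set(key_roles)


def audit_client(needed_collections, key_roles):
    """Compare a key's provisioned roles with the collections its client calls."""
    needed = {REQUIRED_ROLE[c] for c in needed_collections}
    provisioned = set(key_roles)
    return {
        "forbidden": sorted(c for c in needed_collections
                            if not is_allowed(c, provisioned)),
        "excess_roles": sorted((provisioned & KNOWN_ROLES) - needed),
        "unknown_roles": sorted(provisioned - KNOWN_ROLES),
    }


# Constructed sample provisioning: client -> (collections it calls, roles on its key)
CLIENTS = {
    "web-ui": (["graph", "search"],
               ["ROLE_ONTOPOP_GRAPH_API", "ROLE_ONTOPOP_SEARCH_API",
                "ROLE_ONTOPOP_MANAGEMENT_API"]),
    "etl-job": (["triplestore", "mapping"],  # second role is deliberately misspelled
                ["ROLE_ONTOPOP_TRIPLESTORE_API", "ROLE_ONTOPOP_MAPING_API"]),
}

if __name__ == "__main__":
    for name, (collections, roles) in CLIENTS.items():
        print(name, audit_client(collections, roles))
```

The `unknown_roles` entry catches misspelled role names, which otherwise surface only as 403 responses at run time.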