Hi all,
Is there any way to invoke the Record Leve Security of a Record type?
I mean passing manually in code a user like queryRecordtype (userToApply:user)
Givin more context:
We have a set of Web APIs that will be invoked by other system, we have set up the authentication to be via "API KEY" in this scenario the API is tied to a service account, but the problem here is that we have in configured the Record Level Security Rules to manage what groups of users can see the information.
We want to expose cases but since the Authentication is via API key (tied to a serviceaccount) we loss the functionality of Record Level Security. We tried with passing the User ID as queryParameter/Header in the API but we need a way to apply explicitly the Security of a RT.
Thanks in advance for your help.
Discussion posts and replies are publicly visible
No. Part of the security concept in Appian is, that we cannot easily drill holes into it.
I don't want to break it, :P I just want to use the Security Explicitly.
In webApis the only way to do that is using basic Auth which is not very convenient in many cases
Thanks for your answer
I fully understand, but in terms of security, "I can't break it" is better than "I won't break it, I promise".
You will have to follow the Appian approach and add the service user to the respective groups. And if the app adds groups dynamically, I suggest to create a separate group for you service account(s) and add that group to every created group.