Utility - REST Call Authorization Check

URI

https://164.99.19.131:8443/SentinelRESTServices/preauthorize

Supported Methods

GET

Given a URL, an HTTP method, and optionally desired request/response content types, this API will return whether the caller is authorized to access that REST endpoint or not. It does an authorization check, including checking any roles that method may require. The userID is gleaned from the Authorization header, which must be for a valid logged in user and must be of type X-SAML.

Authentication

Authentication Types

X-SAML

Sentinel Permissions Needed

URL Parameters

Required

Parameter	Type	Description
`path`	String	The path, not including the context (i.e. SentinelRESTServices) to the REST service. example: /objects/identity
`httpMethod`	String	The http method to look for. GET, PUT, POST, and DELETE are supported
`contentType`	String	If included, this content type for the inbound request must be supported. example: application/json
`acceptType`	String	If included, this content type for the return response must be supported. example: application/json

Optional

None.

Success Codes

200 OK

Fault Codes

400 Bad Request
400 with NCAC Fault Data
- Code ValueSender
- Subcode Value: RestEndpointNotFound
- Reason Text: Unable to find the REST Service located at URL '/objects/identity' and listening for http method 'DELETE'.

Sample Request

GET /preauthorize?path=/objects/identity&httpMethod=GET

Sample Response for application/json

Status: 200

{"Authorized":"true"}

Sample Request

GET /preauthorize?path=/objects/identity&httpMethod=DELETE

Sample Response for application/json

Status: 400

{"Code":{"Value":"Sender","Subcode":{"Value":"RestEndpointNotFound"}},"Reason":{"Text":"Unable to find the REST Service located at URL "/objects/identity" and listening for http method "DELETE"."}}

Back to main API page