Authorizing Access to Built-in APIs
You can authorize API access to specific applications.
- Log in to the administrator portal.
- On the top navigation bar, choose Resources > Enterprise APIs.
- On the displayed page, choose System APIs > Built-in APIs, click the Application Authorization tab, and click Authorize in the row that contains the target application to authorize it to access the built-in APIs.
- Go to the application details page, and authorize the application to access specific APIs. For details about how to add an application, see Integrating Enterprise Applications.
To authorize an application to call auth_api for account binding, registration, or both, ensure that you have set the authentication method of the application to OPEN_API.
- On the top navigation bar, choose Resources > Applications.
- Click the name of the application authorized in 3.
- Click the application icon to access the general information page.
- Choose API Permissions > Built-in APIs. On the displayed page, click Authorize in the Operation column of a permission code. The following table lists the mapping between permissions and APIs.
Table 1 Mapping between permissions and APIs Permission Code
Permission Description
API Description
API URL
Remarks
user_all
Read and write permissions for user management APIs
Creating a user
POST /api/v2/tenant/users
-
Modifying a user
PUT /api/v2/tenant/users/{user_id}
-
Deleting a user
DELETE /api/v2/tenant/users/{user_id}
-
Disabling a user
PUT /v2/tenant/users/{user_id}/disable
-
Enabling a user
PUT /v2/tenant/users/{user_id}/enable
-
Changing the password
PUT /api/v2/tenant/users/{user_id}/change-password
-
Verifying the original password and changing the user password
PUT /api/v2/tenant/users/{user_id}/change-password-verify
-
Authorizing an application account
POST /api/v2/tenant/users/{user_id}/applications/{application_id}/accounts
-
Querying user details by user ID.
GET /api/v2/tenant/users/{user_id}
user_read permission
Obtaining all application accounts of a user
GET /api/v2/tenant/users/{user_id}/accounts
user_read permission
Querying users
GET /api/v2/tenant/users
user_read permission
org_all
Read and write permissions for organization management APIs
Creating an organization
POST /api/v2/tenant/organizations
-
Modifying an organization
PUT /api/v2/tenant/organizations/{org_id}
-
Deleting an organization
DELETE /api/v2/tenant/organizations/{org_id}
-
Querying organization details
GET /v2/tenant/organizations/{org_id}
org_read permission
Querying organizations
GET /api/v2/tenant/organizations
org_read permission
account_all
Read and write permissions for application account management APIs
Creating an application account
POST /api/v2/tenant/applications/{application_id}/accounts/basic-account
-
Updating an application account
PUT /api/v2/tenant/applications/{application_id}/accounts/{account_id}
-
Deleting an application account
DELETE /api/v2/tenant/applications/{application_id}/accounts/{account_id}
-
Querying application accounts
GET /v2/tenant/applications/{application_id}/accounts
account_read permission
Querying application accounts
GET /api/v2/tenant/applications/{application_id}/accounts/{account_id}
account_read permission
Disabling an application account
PUT /api/v2/tenant/applications/{application_id}/accounts/{account_id}/disable
-
Enabling an application account
PUT /api/v2/tenant/applications/{application_id}/accounts/{account_id}/enable
-
app_org_all
Read and write permissions for application organization management APIs
Querying authorized application organizations
GET /api/v2/tenant/applications/{application_id}/organizations
app_org_read permission
Querying application organization details
GET /api/v2/tenant/applications/{application_id}/organizations/{org_id}
app_org_read permission
Adding an application organization
POST /api/v2/tenant/applications/{application_id}/organizations
-
Modifying an application organization
PUT /api/v2/tenant/applications/{application_id}/organizations/{org_id}
-
Deleting an application organization
DELETE /api/v2/tenant/applications/{application_id}/organizations/{org_id}
-
app_role_all
Read and write permissions for application role APIs
Adding an application role
POST /api/v2/tenant/applications/{application_id}/role
-
Modifying an application role
PUT /api/v2/tenant/applications/{application_id}/role/{role_id}
-
Deleting an application role
DELETE /api/v2/tenant/applications/{application_id}/role/{role_id}
-
Adding an application role member
POST /api/v2/tenant/applications/{application_id}/role-member
-
Deleting an application role member
DELETE /api/v2/tenant/applications/{application_id}/role-member
-
Querying application roles
GET /api/v2/tenant/applications/{application_id}/role-list
app_role_read
Querying application role details
GET /api/v2/tenant/applications/{application_id}/role/{role_id}
app_role_read
Querying application role members
GET /api/v2/tenant/applications/{application_id}/role-member-list/{role_id}
app_role_read
all
Read and write permissions for all OAP APIs
All preceding APIs
-
-
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
