Arlo

REST Auth API: Role based access control

Supported in next release

Overview

Role based access control (RBAC) is used within our API to enforce certain restrictions based on the role(s) of the identity associated with any Auth API request. A platform may be configured to have RBAC active or not.

Definitions

We offer these definitions for our implementation of RBAC.

Term Meaning
Role A platform concept denoting the role (APIUser, Administrator, Presenter and so on) associated with the identity associated with the current API request. Identities may be associated with more than one role
Permission A grant that allows a role certain rights to perform an action via the REST API

Role selection

We take an 'escalating' approach to granting permissions.

That is, an identity is associated with more than one role when we receive a request. To ensure that the correct permissions are available for an executing request, we examine the roles of the identity before the request executes, and select the role that has the most permissive disposition. This level of escalation is purely an internal concern, and cannot be circumvented by anything contained in the original request.

Effect of permissions on operation

Consideration of this subject requires one to consider endpoint access, query and update requests.

Action Meaning and consequences
Endpoint access URL access is 'route controlled'; that is, the escalated role of the identity associated with the request will determine if a URL is even accessible. Currently, only the Presenter role has route control applied.
Resource 'trimming' Resources returned by REST API calls may have filtering applied to their response depending on the role of the current identity. This filtering has the effect of 'trimming' resources returned, suppressing properties or parts of an object graph for which the role does not have granted access. Currently, only the Presenter role has resource trimming applied.
Update Roles may have update control applied to their actions. This will result in a failure to execute if the role has insufficient permissions to undertake the action requested. Currently, only the Presenter role has update control applied.

See HTTP responses for details concerning possible responses.