Security modelAspire can be configured to restrict the REST APIs so that they only can be accessed through the use of authentication tokens. Any given user or Aspire node must posses a valid authentication token before executing any secured REST API. Any user or Aspire node will be assigned with a role definition that specifies the level of access to the different REST endpoints, as some endpoints might be restricted to certain roles. The current existing roles are: - Administrator
- Operator
- ManagerNode
- WorkerNode
Each REST Endpoint have one of the following security roles associated with them: - Administrator
- Only Administrator roles can access the endpoint
- Operator
- Both Operator and Administrator roles can access the endpoint
- ManagerNode
- Ony ManagerNode roles can access the endpoint
- WorkerNode
- Only WorkerNode roles can access the endpoint
- PermitAll
- Any roles can access the endpoint
Authentication Failure responsesThe following are the possible failure status when calling a REST endpoint without logging in, or with insufficient permissions: Response code | Description |
---|
401 | Unauthorized Either the security token was not provided or invalid | 403 | Forbidden A valid token was provided, but the user does not have permissions for calling the given endpoint |
|