...

  1. Only employees with scope "related_legal_entities:read" can get the list of related legal entities.
  2. Only child legal entities are visible (GET /legal_entities/{{id}}/related{?page,page_size}).


Validation

Validate token

  • Verify the validity of the access token
    • Return 401 if validation fails
  • Verify that the token is not expired
    • Return 401 in case of error

Validate scopes

  • Check that the user has the scope required to perform this action (scope = 'related_legal_entities:read')
    1. Return 403 in case of invalid scope(s) - "Your scope does not allow to access this resource. Missing allowances: related_legal_entities:read"

Validate client

  • Check $id = tokens.details.client_id
    1. Return 403 in case of error - "User is not allowed to view"

Validate context

Return the response to the user, limited by the context from the user's token.
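
The four validation steps above, in order, as an added example (not code from this specification or the service it describes). The in-memory token store, the expires_at and details.scope field names, the parent/child link table and the 401 body text are assumptions made for illustration; the 403 messages and details.client_id come from the page.

```python
import time

REQUIRED_SCOPE = "related_legal_entities:read"
NOW = 1_700_000_000  # fixed clock for the constructed samples

# Constructed token store. Only details.client_id is named on the page;
# expires_at and details.scope (space-separated) are assumed field names.
TOKENS = {
    "tok-owner": {"expires_at": 2_000_000_000, "details": {
        "client_id": "le-1", "scope": "legal_entity:read related_legal_entities:read"}},
    "tok-expired": {"expires_at": 1_600_000_000, "details": {
        "client_id": "le-1", "scope": "related_legal_entities:read"}},
    # Near-miss scope: contains the required name only as a substring.
    "tok-noscope": {"expires_at": 2_000_000_000, "details": {
        "client_id": "le-1", "scope": "related_legal_entities:read_all"}},
}
# Constructed (parent_id, child_id) links between legal entities.
RELATED = [("le-1", "le-2"), ("le-1", "le-3"), ("le-9", "le-10")]


def get_related(access_token, legal_entity_id, now=None):
    """Return (http_status, body) for GET /legal_entities/{id}/related."""
    now = time.time() if now is None else now
    token = TOKENS.get(access_token)
    # Validate token: unknown or expired -> 401 (body text is an assumption).
    if token is None or token["expires_at"] <= now:
        return 401, {"error": "Invalid access token"}
    details = token["details"]
    # Validate scopes: compare whole scope names, never substrings.
    if REQUIRED_SCOPE not in details["scope"].split():
        return 403, {"error": "Your scope does not allow to access this "
                              "resource. Missing allowances: " + REQUIRED_SCOPE}
    # Validate client: the path id must be the token's own legal entity.
    if legal_entity_id != details["client_id"]:
        return 403, {"error": "User is not allowed to view"}
    # Validate context: list only children of the token's legal entity.
    children = [c for p, c in RELATED if p == details["client_id"]]
    return 200, {"data": children}


if __name__ == "__main__":
    for tok, le in [("tok-owner", "le-1"), ("tok-owner", "le-9"),
                    ("tok-noscope", "le-1"), ("tok-expired", "le-1")]:
        print(tok, le, get_related(tok, le, now=NOW))
```

The child list is built from the token's client_id rather than from the path parameter, so the result stays bound to the caller's own legal entity even if the client check is later changed.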

...