Table of Contents |
---|
...
Validation
Validate token
- Verify the validity of access token
- Return 401 in case validation fails
- token is not expired
- in case error return 401
Validate scopes
- Check user scopes in order to perform this action (scope = 'contract:read')
- Return 403 in case invalid scope(s)
...
- if TOKENS_TYPES_PERSONAL
- Check client_id = contracts.contractor_legal_entity_id
- in case error return 403 "You are User is not allowed to view this contract"
- Check client_id = contracts.contractor_legal_entity_id
...