Specifying route data authorizations for an API role

  1. Start the Route Tree Authorizations by Role (ttmtm6675m000) session.
  2. In the right-hand (Route Tree Authorizations) panel, select the API role for which to define route data authorizations.
    The /lnapi routes, such as /lnapi/odata/tdapi.purPurchaseOrder, are displayed in the left-hand (Route Tree) panel.
  3. Click the Route Data Authorizations by Role tab in the right-hand panel.
    Note: Data authorization rules can only be defined on the main collections in the APIs. Therefore, only these main collections are enabled in the route tree panel. All other routes, such as the routes of the APIs themselves and the routes under the main collections in the APIs, are greyed out.
  4. To define data authorizations for a particular main collection, select that collection in the tree in the left-hand panel. The full address of that collection, such as /lnapi/odata/tdapi.purPurchaseOrder/Orders, is displayed in the Route Tree Authorizations panel.
  5. On the Route Data Authorizations by Role tab in the right-hand panel, add a record and specify this information:
    All Methods
    Specify whether the authorization must apply to all methods of the route.
    Method
    If the authorization must not apply to all methods, specify the name of the method to which the authorization must apply.
    All Companies
    Specify whether the authorization must apply to all companies.
    Company
    If the authorization must not apply to all companies, specify the name of the company to which the authorization must apply.
  6. Click Save API Role in the toolbar of the Route Tree Authorizations panel.
    This text is displayed in the Condition Text field on the Route Data Authorizations by Role tab: (1=1).
  7. On the Route Data Authorizations by Role tab, select the new record and click the Edit Text button.
    The Text Editor starts.
  8. Replace (1=1) by the desired condition text.
    Points of attention:
    • The conditional expression is a logical expression that returns True or False.
    • Enclose the expression in parenthesis: (expression)
    • The expression consists of operands and operators.
    • For the property names that you can use in the condition text, see the API documentation in API Gateway. For details on how to access this documentation, see Testing LN REST API services using the Try It Out feature.
    • For details and examples about the syntax of the conditional expression, see the online help of the Route Data Authorizations by Role tab.

    This list shows some sample conditions that can be specified for the main collection lnapi/odata/tdapi.purPurchaseOrder/Orders:

    • (OrderAmount<10000.00)
    • (PurchaseOffice="USA")
    • (BuyfromBusinessPartner="BP000002" and Status="Closed")
    • (OrderDate in ["2023-01-01".."2023-12-31"] and Status in ["Created","InProcess"])
  9. Save the changes and close the text editor.