Create a Capability Token - OsiriX-Foundation/KheopsAuthorization GitHub Wiki
This resource can be used by a user that want to create a capability token.
URL : /capabilities
Method : POST
Auth Required : Authorization with a JWT Bearer token with the user as the sub claim.
Headers
Accept
: If present, require that this value beapplication/json
Content-Type
: Must beapplication/x-www-form-urlencoded
Parameters
title={title}
title of the tokenscope_type=user
oralbum
- if scope_type=album
album={album_id}
read_permission={boolean}
(Optionnal) default value : false- Only if read_permission=true
appropriate_permission={boolean}
(Optionnal) default value : falsedownload_permission={boolean}
(Optionnal) default value : false
write_permission={boolean}
(Optionnal) default value : false
- if scope_type=album
expiration_time={time}
(Optionnal) default value : 3 daysnot_before_time={time}
(Optionnal) default value : Now
Success Response
If the token was created successfully.
- Status :
201 Created
{
"id": "KbSVRVsa0r",
"secret": "yCq8BB4f5OESEknoLUbL0Z",
"title": "Twitter token",
"issued_at_time": "2018-10-22T14:20:59.790Z",
"not_before_time": "2018-10-22T14:20:59.734Z",
"expiration_time": "2018-10-13T14:20:59.734Z",
"revoked": false,
"scope_type": "album",
"album": {
"id": "hx7S6Q2nv0",
"name": "The album name"
}
"read_permission": true,
"write_permission": false,
"download_permission": true,
"appropriate_permission": false,
"created_by": {
"email": "[email protected]",
"sub": "c2fd0b66-dac4-4b98-9341-d4f3b303bd4e",
"last_name": "user last name",
"first_name": "user first name"
},
or
"scope_type": "user"
}
Error Response
If a parameter is unvalid
- Status :
400 Bad Request
If the user is not an admin of the album
- Status :
401 Unauthorized
If the album are unknow
- Status :
404 Not Found