Marcelo Aguiar Rodrigues edited this page Nov 27, 2018 · 1 revision

Scopes are Operations aggregators that are used to provide visibility to some App, that way an App can have limited access to an Api's operations.

Creation

Once the Scopes are created for an Api it is possible to navigate to a Plan that is attached to this Api and select which of the scopes it should have access to.

Plans

With that any App can have access only to the operations in the scopes of its plan, and any request to operations outside its scopes will return an HTTP Forbidden (403) status.

Scopes obey the following rules:

  • An Api can have multiple Scopes
  • Multiple Scopes can share a subset of Operations
  • A Plan can have multiple Scopes with overlapping Operations
  • Any App associated with the Plan can access its Scopes, and only its Scopes

WARNING: Scopes do not require any interceptor in order to work, but if Scopes are created for an Api it is recommended to add a ClientId Interceptor to the Api lifecycle, so that requests that don't send a 'client_id' header are rejected before they reach the Api.
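The App → Plan → Scopes → Operations rules above, modelled as an added example that is not the project's own code. The class and function names (`Scope`, `Api`, `Plan`, `App`, `authorize`) are assumptions, and the status returned for a missing or unknown `client_id` is assumed to be 403, since the page does not state what the ClientId Interceptor returns.

```python
from dataclasses import dataclass, field
from typing import Dict, FrozenSet

# Hypothetical model of the Api -> Scope -> Plan -> App relationships; names are assumed.
@dataclass(frozen=True)
class Scope:
    name: str
    operations: FrozenSet[str]          # operation identifiers, e.g. "GET /users"

@dataclass
class Api:
    name: str
    scopes: Dict[str, Scope] = field(default_factory=dict)

@dataclass
class Plan:
    api: Api
    scope_names: FrozenSet[str]         # scopes attached to the plan; overlap is allowed

@dataclass
class App:
    client_id: str
    plan: Plan

def allowed_operations(plan: Plan) -> FrozenSet[str]:
    """Union of the operations of all scopes in the plan (overlapping scopes simply merge)."""
    ops: set = set()
    for name in plan.scope_names:
        ops |= plan.api.scopes[name].operations
    return frozenset(ops)

def authorize(apps: Dict[str, App], headers: Dict[str, str], operation: str) -> int:
    """HTTP status the gateway produces for a request. A missing or unknown
    client_id is rejected (assumed 403; that is the ClientId interceptor's job);
    an operation outside the app's scopes returns 403 as the page states."""
    client_id = headers.get("client_id")
    if client_id is None or client_id not in apps:
        return 403
    if operation not in allowed_operations(apps[client_id].plan):
        return 403
    return 200

# Constructed sample data: two scopes sharing "GET /users", a plan holding both,
# and one app associated with that plan.
USERS_API = Api("users")
USERS_API.scopes["read"] = Scope("read", frozenset({"GET /users", "GET /users/{id}"}))
USERS_API.scopes["manage"] = Scope("manage", frozenset({"GET /users", "POST /users"}))
BASIC_PLAN = Plan(USERS_API, frozenset({"read", "manage"}))
APPS = {"app-1": App("app-1", BASIC_PLAN)}
```

Calling `authorize(APPS, {"client_id": "app-1"}, "DELETE /users")` returns 403 because no scope of the plan contains that operation, while the two overlapping scopes merge into a single allowed set.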
