/entityType.setAccessSchema

Set the access schema for a particular client. An access schema defines the subset of attributes to which a client has read or write access.

Each client can have one read access schema and one write access schema defined. Which access schema is used depends on whether the API call performs a read operation or a write operation.

Note. if you want to give a client read and write access to the same set of attributes, you must set the read and write schemas in two different calls. For mobile clients, you should use the read_with_token and write_with_token settings.

Defining the attributes parameter

When granting permissions to a top level attribute in the schema, use the attribute name formatted in JSON. Example: ["aboutMe","created"]

When granting permissions to an attribute that is part of a larger object, use an attribute path. The attribute path begins at the root of the schema, and uses slashes to navigate from the plurals to the target sub attribute. For example, to refer to the city attribute in the primaryAddress plural, use: ["/primaryAddress/city"]

When setting an access_type, for a for_client_id, you must include all attributes in one call. If an attribute is not specified, the access_type is removed.

Try to avoid including the attributes created, id, lastUpdated, and uuid when configuring the schema. Including these reserved attributes in the attributes list can result in "Unexpected internal error" messages.

For more information, refer to the Create an API Client page.

Refer to the Registration Error Codes section for details on error codes.

The endpoint includes the following methods:

POST


POST

Base URL

The base URL for this endpoint is your Janrain Capture domain; for example:

https://educationcenter.us-dev.janraincapture.com

Your Capture domains (also known as Registration domains) can be found in the Janrain Console on the Manage Application page:

Examples

Example Request

1) Give a client read-only access, by setting the write access schema to an empty array of attributes.


curl -X POST \
    -H "Authorization: Basic aW1fYV...NfbXk="\
    --data-urlencode type_name=user \
    --data-urlencode for_client_id=7890fghi7890fghi \
    --data-urlencode access_type=write \
    --data-urlencode attributes='[]'\
    https://my-app.janraincapture.com/entityType.setAccessSchema
          

Running Code Samples Using Postman

The Janrain REST API code samples are written using Curl, but they can easily be run from within Postman. To use one of our code samples in Postman:

  1. Click the Copy to Clipboard button located directly beneath the code sample
  2. In Postman, click Import to display the Import dialog box.
  3. In the Import dialog box, click Paste Raw Text, and then paste in the copied code. The Import dialog box should look similar to this:

  4. Click Import, and the Curl command will be converted to a format that can be run from within Postman. All you need to do now is configure the command to work with your Janrain implementation.

Example 1 Response


{
  "schema": {
    "attr_defs": [
      {
        "name": "id",
        "description": "simple identifier for this entity",
        "type": "id"
      },
      {
        "name": "uuid",
        "description": "globally unique identifier for this entity",
        "type": "uuid"
      },
      {
        "name": "created",
        "description": "when this entity was created",
        "type": "dateTime"
      },
      {
        "name": "lastUpdated",
        "description": "when this entity was last updated",
        "type": "dateTime"
      }
    ],
    "name": "user"
  },
  "notice": "reserved attributes (id, uuid, created, lastUpdated) are automatically included in the access schema",
  "stat": "ok"
}

Give a client write access to givenName and familyName


curl -X POST \
    -H "Authorization: Basic aW1fYV...NfbXk="\
    --data-urlencode type_name=user \
    --data-urlencode for_client_id=7890fghi7890fghi \
    --data-urlencode access_type=write \
    --data-urlencode attributes='["givenName", "familyName"]'\
    https://my-app.janraincapture.com/entityType.setAccessSchema
          

Running Code Samples Using Postman

The Janrain REST API code samples are written using Curl, but they can easily be run from within Postman. To use one of our code samples in Postman:

  1. Click the Copy to Clipboard button located directly beneath the code sample
  2. In Postman, click Import to display the Import dialog box.
  3. In the Import dialog box, click Paste Raw Text, and then paste in the copied code. The Import dialog box should look similar to this:

  4. Click Import, and the Curl command will be converted to a format that can be run from within Postman. All you need to do now is configure the command to work with your Janrain implementation.

Example 2 Response


{
  "schema": {
    "attr_defs": [
      {
        "name": "id",
        "description": "simple identifier for this entity",
        "type": "id"
      },
      {
        "name": "uuid",
        "description": "globally unique identifier for this entity",
        "type": "uuid"
      },
      {
        "name": "created",
        "description": "when this entity was created",
        "type": "dateTime"
      },
      {
        "name": "lastUpdated",
        "description": "when this entity was last updated",
        "type": "dateTime"
      },
      {
        "length": 1000,
        "constraints": [
          "unicode-printable"
        ],
        "name": "familyName",
        "type": "string",
        "case-sensitive": false
      },
      {
        "length": 1000,
        "constraints": [
          "unicode-printable"
        ],
        "name": "givenName",
        "type": "string",
        "case-sensitive": false
      }
    ],
    "name": "user"
  },
  "notice": "reserved attributes (id, uuid, created, lastUpdated) are automatically included in the access schema",
  "stat": "ok"
}
          

Authorized Clients

  • owner

Security

  • janrain-signed
  •  basic-auth

Query Parameters

Parameter Type Required Description
type_name string Yes Name of the entityType.
 
for_client_id string Yes Client ID of the client whose access schema is being configured.
 
access_type string Yes Type of access schema being created. Allowed values are:
  • read
  • write
  • read_with_token
  • write_with_token
attributes string Yes JSON list of attribute names. These names can be full attribute paths. If a path terminates at an object or plural, then that means that the client will have access to all sub-attributes. Whenever possible, avoid including the reserved attributes created, id, lastUpdated, and uuid in your list of attributes.