View API permission groups
This guide applies only if your Org is configured to use OpenID Connect for authentication. For more information, see Authentication with OpenID Connect.
If your Org is configured to use OpenID Connect for authentication, the Pismo platform uses permission groups to control access to each of the platform APIs. When you request a Pismo JWT, you must provide the pismo
custom key claim to include the permission group name.
You can use Control Center to find the correct permission group, as well as other information about the endpoint. For instance, to use the List accounts by document number endpoint (GET /accounts/v3/accounts), you need the permission group pismo-v1:accounts:rw, as shown in the following image:
The results on this screen are useful for answering questions like:
- Which permission groups are available for my Org?
- Which permission group do I use to access a specific endpoint?
- Which endpoints does a specific permission group give access to?
- Does a specific endpoint require an account ID or external ID when generating the access token? (For more information, see Get OpenID access token.)
OpenID Connect only
The results that display apply only to your specific environment and Org. If your Org doesn’t use OpenID Connect authentication, the results screen displays the message
Org has no permission groups configured.
To view API permission groups:
- On the main menu, click Organization > Permission group.
- On the API permission groups screen, use the grouping, sorting, and filtering functions to refine your results.
Updated about 1 month ago