Distribution Channels API Reference
See the API reference
Note about permissions when migrating to distribution channels API V2
In Distribution Channels V1 API you get permissions through the Distribution Channel API. This is no longer supported as
the single source of truth for permissions is now the Permission Store. See below for an explanation of how to do this.
How to to authorize access by permission-client or distribution channel
There are two ways to solve this. The preferable way is to use permission-client as following:
- Add package dependency
- Configure permission-client and subscribe to permission "Salgskanal" as shown in documentation for permission-client
- Salgskanal.Id, Salgskanal, LES
- Authorize endpoint with either PreAuthorize/PostAuthorize or two methods from permission-client
- Secure your endpoint with @PreAuthorize(hasPermission(#distributionChannelId, 'Salgskanal#Id', 'LES')
- Secure your endpoint with 2 methods from permission-client "checkResponsibilitySetPermission(Object principal, String operationAndType, String objectKey, Access access)"
or "getResponsibilitySet(Object principal, String operationAndType, Access access)"
This implementation will now allow users or clients which has permission "salgskanal" and with token orgId listed in organisationAgreements for given distributionChannelId to access this distribution channel data object.
Permission-client setup ref: https://bitbucket.org/enturas/permission-client/src/master/
The alternative way, which is almost as similar to distribution V1 is to add requestQuery "includeOrganisationAgreements" as shown in the next line.
This implementation will now fetch agreements from permission-store by given distributionChannelId and add it as a field
in request body. This should not be used as a permanent solution since it limits our implementation of authorization
and neither is it used as intended.
Note: It will not work for GET /distribution-channels since it is an expensive operation to permission-store.
How to see if users or clients have access to certain distributionChannelId via entur-partner
To see if your user's or client's organisation has an agreement to a given distributionChannel, please navigate to Distribution Channels in Entur Partner https://entur-partner.dev.entur.org
To see if your user or client has permission "salgskanal", please navigate to Permission Admin in Entur Partner https://entur-partner.dev.entur.org
Note: The owner of distribution channels has implicit access to its own Distribution Channels. For now these
at least these will not show up in the returned list of
Agreements and for technical reasons Entur gets automatically
access to Distribution Channels that have type set to "onBoard".
It is required that all consumers identify themselves by using the header ET-Client-Name.
The structure of ET-Client-Name should be: "company-application".
curl -X GET -H "ET-Client-Name: your_company-your_application" -H "Authorization: Bearer ..." https://api.entur.io/distribution/...
This header is used to identify where the request is coming from and is a required header parameter that should be supplied with each request.