To authorize requests, CodeMash uses an API token. This token needs to be passed with every request. There are three types of tokens.
Project token - has full permission to project resources.
User token - received by the user after successful authentication.
Service token - granted to a service user (can be created in the dashboard). Acts as a project token but with managed permissions.
The authorization token can be passed in several ways.
The most common way is to pass an authorization header. This is the recommended method whenever possible.
Authorization: Bearer YOUR_API_TOKEN
If you are unable to set a header (for example, when redirecting to a logout URL), you can pass the token in a query string instead. Prefer the header where you can, because URLs are commonly recorded in server logs and browser history.
To access project resources, your user needs to have particular permissions. For convenience, permissions are grouped into policies and policies into roles.
A role is a group of policies. When you create a project, two roles are created automatically - Authenticated and Administrator.
Administrator - a role containing all the policies and all the permissions. This role cannot be edited.
Authenticated - a role containing less sensitive permissions.
Roles can be created and managed on a dashboard page. Every role can be assigned any number of policies.
A policy is a group of permissions. When enabling services, some system policies are created automatically. You can create your own policies from a list of allowed permissions.
Policies can be created and managed on a dashboard page. Every policy can be assigned any number of permissions.
Permissions are string values used to allow access to authenticated methods. Permissions are created automatically when enabling services and cannot be edited. They can be used when creating policies.
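The role, policy and permission layering described above can be modelled as a deny-by-default resolver. The following is an added example, not CodeMash code: every permission string, policy name and the "Support" role are constructed placeholders, and treating unknown roles or policies as granting nothing is an assumption of this sketch.

```python
# Added illustration of the role -> policy -> permission model.
# All names below are constructed placeholders, not real CodeMash identifiers.

# Permissions are plain strings; each policy groups a set of them.
POLICIES = {
    "db-read": {"db.find", "db.count"},
    "db-write": {"db.insert", "db.update", "db.delete"},
    "files-read": {"files.download"},
}

ALL_PERMISSIONS = frozenset().union(*POLICIES.values())

# Roles group policies. "Administrator" is handled separately because it
# always contains every policy and cannot be edited.
ROLES = {
    "Authenticated": {"db-read", "files-read"},
    "Support": {"db-read", "db-write"},  # hypothetical custom role
}


def permissions_for_role(role):
    """Expand one role into the permission strings it grants."""
    if role == "Administrator":
        return set(ALL_PERMISSIONS)
    granted = set()
    # Fail closed: an unknown role or a dangling policy reference grants nothing.
    for policy in ROLES.get(role, ()):
        granted |= POLICIES.get(policy, set())
    return granted


def effective_permissions(user_roles):
    """Union of permissions over every role assigned to the user."""
    granted = set()
    for role in user_roles:
        granted |= permissions_for_role(role)
    return granted


def is_allowed(user_roles, required_permission):
    """Deny by default: allow only if an assigned role grants the permission."""
    return required_permission in effective_permissions(user_roles)


def excess_permissions(user_roles, needed):
    """Least-privilege review: permissions granted beyond what the caller needs."""
    return effective_permissions(user_roles) - set(needed)
```

Running excess_permissions against the permissions a service user actually calls shows which policies can be dropped from its role.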