Current user permission queries

These endpoints are useful to check which customers and permissions are available for the current user, as well as query for current user group membership.

For third-party applications integrated via OAuth2, these endpoints can be used to query the permissions of the user the session belongs to.
This lets the third-party application use the Argus permission system to look up customers, permissions and roles where they should also apply to that application.

List customers available in session

Invoking the session customers endpoint lists all customers which are available to the current user (in the current session):

curl -XGET -H"Argus-API-Key: my/api/key" "https://api.mnemonic.no/currentuser/v1/customers?keyword=test&limit=10"

The response contains a list of “Customer Info” objects, each with the id, shortname and name of the customer.

Using the keyword parameter, the result will be filtered to customers where the name or shortname matches the keywords.
This is useful for autocompleters.

“Available customers” only means that the customer is somehow visible in the current session. The current user/session may have different permissions for each customer, so there is no guarantee that all customers returned are usable for specific operations.

To check for specific permissions, see the “permission” endpoint below.

List groups which the current user is member of

This endpoint lists all groups which the current user is a member of.
Using the includeAncestors=true option will also include ancestor groups, i.e. groups which the current user is not a direct member of, but is a transitive member of:

curl -XGET -H"Argus-API-Key: my/api/key" "https://api.mnemonic.no/currentuser/v1/groups?includeAncestors=true"

List functions available in session

Invoking the session functions endpoint lists all functions which are available to the current user (in the current session):

curl -XGET -H"Argus-API-Key: my/api/key" "https://api.mnemonic.no/currentuser/v1/functions?onlyRoles=true&keywords=test"

“Available functions” only means that the function is somehow visible in the current session.
To know if a user has permission to a specific function for a specific customer, use the “permission” endpoint below.

Note also that users who have the viewAllFunctions permission can list ALL functions in the system, even functions for which the user has not been granted any permission.

Also note that “available functions” only shows functions which are valid with the security level of the current session.
Functions requiring a higher security level than the current session will not be visible.

Check for specific permission

To check if the current session is granted permission for a specific function, for a specific customer, use the permission endpoint:

curl -XGET -H"Argus-API-Key: my/api/key" https://api.mnemonic.no/currentuser/v1/permission/myfunction/mycustomer

The endpoint returns 200 OK if the current user is permitted the function for the specified customer, or 403 Unauthorized if not permitted.

The permissions endpoint will respect the security level of the current session.
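
As an added example (not part of the Argus documentation or code base), here is one way a third-party application could gate an action on the permission endpoint described above. The helper names (`permission_url`, `http_status`, `is_permitted`, `guard`) and the policy of treating any status other than 200 or 403 as a failed check are assumptions of this example.

```python
import urllib.error
import urllib.parse
import urllib.request

BASE_URL = "https://api.mnemonic.no/currentuser/v1"  # from the curl examples


class PermissionCheckError(Exception):
    """The check itself failed; this is not an answer from the endpoint."""


def permission_url(function, customer, base_url=BASE_URL):
    parts = []
    for value in (str(function), str(customer)):
        # "." and ".." survive percent-encoding and could be resolved as
        # dot segments, so reject them (and empty values) outright.
        if value in ("", ".", ".."):
            raise PermissionCheckError(f"invalid path value: {value!r}")
        # Encode "/" and "?" too, so input cannot change the request path.
        parts.append(urllib.parse.quote(value, safe=""))
    return f"{base_url}/permission/{parts[0]}/{parts[1]}"


def http_status(url, api_key, timeout=10):
    """Send the GET and return only the HTTP status code."""
    req = urllib.request.Request(url, headers={"Argus-API-Key": api_key})
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return resp.status
    except urllib.error.HTTPError as err:
        return err.code  # urllib raises on 4xx/5xx; the code is the answer


def is_permitted(function, customer, api_key, fetch_status=http_status):
    """True on 200, False on 403, PermissionCheckError on anything else."""
    try:
        status = fetch_status(permission_url(function, customer), api_key)
    except OSError as err:  # URLError, timeouts and TLS errors are OSErrors
        raise PermissionCheckError(f"request failed: {err}") from err
    if status in (200, 403):
        return status == 200
    raise PermissionCheckError(f"unexpected HTTP status {status}")


def guard(function, customer, api_key, fetch_status=http_status):
    """Fail closed: a check that cannot be completed counts as a denial."""
    try:
        return is_permitted(function, customer, api_key, fetch_status)
    except PermissionCheckError:
        return False
```

Use `is_permitted` where the caller needs to tell a denial apart from an outage (for logging or retry), and `guard` directly in front of the protected action.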