Situation: Authentication and authorization of REST services is not yet homogeneously implemented.
Solution: REST services can only be called from authenticated and authorized users. Whithin the GTC Suite users are authenticated via access tokens, otherwise Basic Authentication (username/password) is used. For data access the user authorizations are checked. Outside of the GTC Suite the user needs the "RestInterfaces (RestUseAPI)" permission in order to call a REST service. If you are already using REST interfaces, you may need to adjust permissions in the GTC. |