By default, API resources/endpoints inherit security settings from the parent API.
Define custom ACLs for a specific resource/endpoint to override the inherited
settings.
Role required: web_service_admin or admin
ACLs are checked for an authenticated user only.
-
Navigate to .
-
Select a scripted REST API.
-
In the Resources related list, select a resource.
-
In the Security tab, select the Requires
authentication check box.
You must select this check box to require an ACL for the resource. If you
clear this check box, the resource becomes public and requires no credentials.
Clear this check box only if you want to allow unauthenticated requests to
access the resource, even if the parent REST service requires an ACL.
-
Select the Requires ACL authorization check box.
-
In the ACL field, select one or more ACLs that meet the
security needs for the endpoint. Select only those ACLs that have a
Type of REST_Endpoint. Only
users who have roles defined in the selected REST_Endpoint type ACL are granted
access to this resource.
Selecting an ACL for a resource overrides any ACLs selected for the parent web
service. Leave this field blank to use the ACLs selected for the parent web
service.