Answer an authorization check.
POST
End-user session operationId: check/v1/authz/check Authorization
Called from the browser with the publishable application id (x-application-id); the access token lives in memory.
Request body · required
objectstring requiredpermissionstring requiredsubjectstring required
Responses
200 Verdict
{
"data": {
"allowed": false,
"object": "string",
"permission": "string",
"subject": "string"
},
"error": {
"code": "string",
"message": "string"
},
"meta": {
"timestamp": "string"
},
"success": false
} 422 Malformed object/subject/permission
Request
curl -X POST "http://localhost:8080/v1/authz/check" \
-H "Content-Type: application/json" \
-d '{
"object": "document:readme",
"permission": "edit",
"subject": "user:alice"
}'Try it
live requestPOST
http://localhost:8080/v1/authz/check