Authorization

Last Updated : Apr 22, 2021 |

Context Store provides the ability to limit access to context data only to authorized users, using the Avaya Breeze® platform Authorization Service (AS) snap-in.

An administrator authorizes different user groups and applications with specific access levels. This user-privilege mapping is stored in the AS snap-in and a bearer token is generated for the user or application.

When the user or application requires access to Context Store, they must supply the authorization token with the Context Store request. If the user or application is accessing Context Store for the first time, the authorization token must be requested from the ContextStoreREST snap-in. When the ContextStoreREST receives an API request, it verifies the existence and validity of the authorization token. If the token is valid, Context Store returns the data requested according to the access level that the user or application is granted

Privilege levels

Context Store supports two features or access levels: Privileged and Standard. A Standard token can perform the types of options allowed in the Standard scope, while a Privileged token can perform the types of operations allowed in the Privileged scope. For each feature, you can have four values:


Value	Definition
Create	Applies to all ContextStoreRest Post requests.
Delete	Applies to all ContextStoreRest Delete requests
Read	Applies to all ContextStoreRest Get requests
Update	Applies to all ContextStoreRest Put requests

Generating bearer tokens

Four REST methods are available for generating bearer tokens. These APIs are available only if you set the Enable Breeze Authorization Service attribute on ContextStoreREST to True.

Any user can use the Get token and Get token by scope APIs to generate tokens. However, the APIs are accessible only if you set the Require user for Breeze Authorization Service attribute on ContextStoreREST to False. If you set the attribute to True, then you can use only the more secure versions of the generate-token APIs, for which you require valid login credentials.


Name	REST method	URL	Headers
Get token	GET	`https://clusterIP/services/ContextStoreRest/cs/contexts/token/`
Get token by scope	GET	`https://clusterIP/services/ContextStoreRest/cs/contexts/token/scope/`	scope
Get token by user	GET	`https://clusterIP/services/ContextStoreRest/cs/contexts/token/username/`	user name password
Get token for user by scope	GET	`https://clusterIP/services/ContextStoreRest/cs/contexts/token/username/scope/`	scope user name password

Send Feedback

AVAYA DOCUMENTATION CENTER

No results found

AVAYA DOCUMENTATION CENTER

No results found

Avaya Context Store Snap-in Reference

Authorization

Privilege levels

Generating bearer tokens