Core
API v1.x
1
APIAPI v1.x

You are currently looking at the documentation of a previous version of Kuzzle. We strongly recommend that you use the latest version. You can also use the version selector in the top menu.

getMyRights #

Returns the exhaustive list of granted or denied rights for the currently logged in user.

Query Syntax #

HTTP #

URL: http://kuzzle:7512/users/_me/_rights
Method: GET
Headers: Authorization: "Bearer <authentication token>"

Other protocols #

{
  "controller": "auth",
  "action": "getMyRights",
  "jwt": "<authentication token>"
}

Arguments #

  • jwt: valid authentication token (for the HTTP protocol, the token is to be passed to the Authorization header instead)

Response #

The result contains a hits array, listing the rights for the current user.

Each right is an object with the following properties:

  • controller: API controller
  • action: controller's action
  • index: authorized or denied index
  • collection: authorized or denied collection
  • value: one of the following value: denied, allowed, or conditional
{
  "status": 200,
  "error": null,
  "result": {
    "hits": [
      {
        "controller": "document",
        "action": "get",
        "index": "foo",
        "collection": "bar",
        "value": "allowed"
      },
      {
        "controller": "document",
        "action": "search",
        "index": "foo",
        "collection": "bar",
        "value": "allowed"
      },
      {
        "controller": "document",
        "action": "write",
        "index": "foo",
        "collection": "bar",
        "value": "denied"
      }
    ]
}
Edit this page on Github(opens new window)