< chilly king 10285> example REST API request to check a per Ory Community #ory-copilot

Join Slack

<@U04UQ68083H> example REST API request to check a...

# ory-copilot

gifted-toddler-48867

12/14/2023, 6:44 PM

@chilly-king-10285 example REST API request to check a permission

chilly-king-10285

12/14/2023, 6:44 PM

A message from kapa.ai

chilly-king-10285

12/14/2023, 6:45 PM

Based on the information provided in the extracts, you can check a permission using the Ory API by sending a GET or POST request to the appropriate endpoint. Here's an example of how you might do this: For a GET request, you would use the

/relation-tuples/check/openapi

endpoint. The parameters you can include in your request are

namespace

object

relation

subject_id

subject_set.namespace

subject_set.object

subject_set.relation

, and

max-depth

. These parameters are not required and should be included as query parameters in your request. Here's an example of what this might look like:

Copy code

http GET /relation-tuples/check/openapi?namespace=myNamespace&object=myObject&relation=myRelation&subject_id=mySubjectId

For a POST request, you would use either the

/relation-tuples/check/openapi

/relation-tuples/check

endpoint. The only parameter you can include in your request is

max-depth

, which should be included as a query parameter. Here's an example of what this might look like:

Copy code

http POST /relation-tuples/check/openapi?max-depth=5

Please note that to perform these operations, you must be authenticated by means of an

oryAccessToken

. For more information on how relationship tuples and the check works, you can refer to the [Ory documentation](https://www.ory.sh/docs/keto/concepts/api-overview). Remember, it's crucial that all permission checks are performed using Ory Permissions. Before any action is taken, the required permission should be checked to ensure that the action is allowed. Authentication isn't part of the permission check API, but it's a prerequisite for any permission check to be meaningful. You can use [Ory Identities](https://www.ory.sh/docs/welcome#identities-and-sessions) for authentication. Once you've authenticated the subject, you can perform permission checks by calling the check method of the OryPermissions client. The check method takes the subject, permission, and object as parameters and returns a boolean value indicating whether the permission is granted or not.

gifted-toddler-48867

12/14/2023, 6:46 PM

@chilly-king-10285 can you give an example request with actual param values

chilly-king-10285

12/14/2023, 6:46 PM

A message from kapa.ai

chilly-king-10285

12/14/2023, 6:47 PM

Sure, here's an example of a GET request to the

/relation-tuples/check/openapi

endpoint with actual parameter values:

Copy code

http GET /relation-tuples/check/openapi?namespace=documents&object=file123&relation=read&subject_id=user456

In this example, we're checking if the subject with the ID

user456

has the

read

permission for the object

file123

in the

documents

namespace. Please note that this is just an example and the actual values you use will depend on your specific use case and the permissions model you have set up. Remember, to perform these operations, you must be authenticated by means of an

oryAccessToken

4 Views

Open in Slack

Previous Next