Public and Trusted Methods
- Updated on 20 Feb 2025
The "protection" property in pronghorn.json
To support public or trusted methods, a Developer must set the protection key at the root layer inside a method in pronghorn.json.
Itential supports two values for this property, both of which override the default role-based authorization. Both values are explained below.
The first value is public, which allows anyone to access the route, whether or not they are an Itential Platform user. This value is the least secure option and should only be used for data that is deemed acceptable for public exposure.
The second value is trusted, which allows anyone who is logged in to Itential Platform to access the route, regardless of groups or roles. This value is helpful for common methods that are used by all users and do not have specific authorization controls. For example, the GET /whoami route within Itential Platform is required for all users, as it allows them to see information about themselves. This value is more secure than “public”; however, it should be used sparingly because it bypasses the roles used within Itential Platform.
⚠ When overriding the protection key in the 2023.1 and 2023.2 release versions of Itential Platform, you must NOT have any roles defined on the method. Those roles will no longer be useful, and it would only add confusion around which authorization scheme is required. By default, role-based authorization is used if the protection property is not set.
Example Configuration
The following shows the protection property set to "authenticated".
{
  "name": "exampleMethod",
  "summary": "Example method",
  "description": "Example method",
  "roles": [],
  "route": {
    "path": "/method",
    "verb": "GET"
  },
  "input": [],
  "output": {
    "name": "method",
    "type": "object",
    "schema": {
      "title": "method",
      "type": "object"
    }
  },
  "protection": "authenticated"
}
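Because protection replaces role checks, it is worth listing every method that sets it before a release. The following audit sketch is an added example, not Itential code; it assumes methods sit in a top-level "methods" array in pronghorn.json, and the sample document and method names are constructed.

```python
import json

# Constructed sample, not a real Itential app. The top-level "methods"
# array is an assumption about the pronghorn.json layout.
SAMPLE = """
{
  "id": "example-app",
  "methods": [
    {"name": "getStatus", "roles": [], "protection": "public",
     "route": {"path": "/status", "verb": "GET"}},
    {"name": "getProfile", "roles": ["admin"], "protection": "trusted",
     "route": {"path": "/profile", "verb": "GET"}},
    {"name": "deleteJob", "roles": ["admin"],
     "route": {"path": "/jobs/:id", "verb": "DELETE"}},
    {"name": "listJobs", "roles": [], "protection": "authenticated",
     "route": {"path": "/jobs", "verb": "GET"}}
  ]
}
"""

NOTES = {
    "public": "reachable without login; confirm the data is fit for public exposure",
    "trusted": "any logged-in user; roles and groups are bypassed",
}

def audit_protection(doc):
    """Return (name, route, protection, notes) for each method that overrides roles."""
    findings = []
    for method in doc.get("methods", []):
        if "protection" not in method:
            continue  # default behaviour: role-based authorization applies
        value = method["protection"]
        route = method.get("route", {})
        where = f'{route.get("verb", "?")} {route.get("path", "?")}'
        notes = [NOTES.get(value, "not public or trusted; check its effect for your release")]
        if method.get("roles"):
            # The 2023.1/2023.2 warning: no roles on a method that sets protection.
            notes.append("roles are also defined; remove them to avoid confusion")
        findings.append((method.get("name"), where, value, notes))
    return findings

if __name__ == "__main__":
    for name, where, value, notes in audit_protection(json.loads(SAMPLE)):
        print(f"{name} [{where}] protection={value}")
        for note in notes:
            print(f"  - {note}")
```

Methods without a protection key are skipped because they fall back to role-based authorization.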