Enforcing profile permissions for reports on SOAP and REST API calls
Answer ID 12262   |   Last Review Date 06/15/2022

How can I make sure the profile permissions for reports are enforced for an account's SOAP and REST API calls?

Environment:

Oracle B2C Service
20D and newer

Resolution:

There is a hidden configuration setting which maps profile reports permissions to SOAP and REST API permissions:

REPORT_PERMISSIONS_ENABLED
-  This setting specifies whether server-side access control enforcement is enabled for reports requests.
-  This setting is enabled by default for all new sites, but is disabled on some older sites.

Because this setting is hidden, you cannot enable it yourself. To have it enabled, submit a service request to Ask Technical Support, but take these facts into consideration before doing so:

1. It will affect all your current integrations
2. Once enabled, it cannot be disabled
 

It is highly recommended that you test its implications on a test site before enabling it on your production site. Once it is enabled, an API request for a report that the user's profile does not have permission to access will contain the error message below in the response.

"Error in POST data: Cannot run AnalyticsReport: ReportName(ID=101234): REPORT_ERROR_PERMISSION_DENIED"
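When testing on a test site, the error text above can be used to list which API accounts lose access to which reports. The following is an added example, not Oracle code: the log layout (`<timestamp> account=<name> <response text>`), the account names, the second report name and the report ID 100502 are constructed assumptions.

```python
import re
from collections import defaultdict

# Error text as quoted in this article; report name and ID vary per request.
DENIED = re.compile(
    r"Cannot run AnalyticsReport: (?P<name>.+?)\(ID=(?P<id>\d+)\): "
    r"REPORT_ERROR_PERMISSION_DENIED"
)
# Assumed layout of the integration log: an "account=<name>" field per line.
ACCOUNT = re.compile(r"\baccount=(?P<account>\S+)")


def denied_reports(lines):
    """Map each API account to the sorted, de-duplicated reports it was refused."""
    hits = defaultdict(set)
    for line in lines:
        denied = DENIED.search(line)
        if not denied:
            continue  # successful call or an unrelated error
        acct = ACCOUNT.search(line)
        account = acct.group("account") if acct else "<unknown>"
        hits[account].add((int(denied.group("id")), denied.group("name").strip()))
    return {account: sorted(reports) for account, reports in hits.items()}


# Constructed sample lines from a test-site run (not real data).
SAMPLE_LOG = [
    "2022-06-15T10:00:01Z account=crm_sync rows=42",
    '2022-06-15T10:00:05Z account=bi_export "Error in POST data: Cannot run '
    'AnalyticsReport: ReportName(ID=101234): REPORT_ERROR_PERMISSION_DENIED"',
    '2022-06-15T10:01:05Z account=bi_export "Error in POST data: Cannot run '
    'AnalyticsReport: ReportName(ID=101234): REPORT_ERROR_PERMISSION_DENIED"',
    '2022-06-15T10:02:11Z account=wallboard "Error in POST data: Cannot run '
    'AnalyticsReport: ReportName(ID=101234): REPORT_ERROR_PERMISSION_DENIED"',
    '2022-06-15T10:02:12Z account=wallboard "Error in POST data: Cannot run '
    'AnalyticsReport: Open Incidents (Tier 2)(ID=100502): '
    'REPORT_ERROR_PERMISSION_DENIED"',
]

if __name__ == "__main__":
    for account, reports in sorted(denied_reports(SAMPLE_LOG).items()):
        for report_id, name in reports:
            print(f"{account}: profile lacks permission for report {report_id} ({name})")
```

Each line of output is a decision to make before the production change: grant the account's profile permission to that report, or change the integration.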