CMDBuild Forum

REST API v3 access no admin 403 response

Is there a way to access the data through the REST api for a user without admin privileges.
When I try to do it I get a 403 response.

In case there isn’t, is there a way to enable for certain users api privileges?

You need to define an account having write permissions on card you want to manage. Define a new group (i.e. “Service accounts”) having right permissions (“Permissions” tab of your newly defined group) on cards you want to manage throw REST API, create a technical account and bind it to this group: now you’ll be able to manage cards with REST APIs with no need to have admin permissions.
Hope this can help.

In addition to what has been mentioned by Daniele, it depends how exactly you’re accessing data. For example, I have several read-only integrations (calling CMDBuild functions) running under account with no access to any classes.

@tecnoteca by the way, this seems like potential security risk as we can’t separate what groups/users can access what functions.