[Koha-devel] Clarifying public routes on REST API
Tomás
tomas.cohen at gmail.com
Tue Jun 16 12:49:47 CEST 2020
'public' routes, authenticated or not, are for unprivileged access i.e. the
user doesn't need to have any special permission (a.k.a. flags).
Public routes can be disabled (like when you turn off OPAC access) and can
be enforced logged users (as in OPACPublic).
Privileged access routes (i.e. non-public) always require login and
permissions.
For plugins it all depends on the author's decisions and coding.
Hope it clarifies.
Best regards
El mar., 16 de junio de 2020 01:03, <dcook at prosentient.com.au> escribió:
> Hi all,
>
>
>
> Could I get some clarification on the purpose of the “public” routes for
> the REST API?
>
>
>
> In the case of
> https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=24909, it looks
> like it’s a public API that doesn’t require authentication/authorization.
>
>
>
> However other “public” routes like /api/v1/public/* all require
> authentication and appropriate authorization. Are these denoted as “public”
> as we’re suggesting that only these routes should be used by third-party
> “public” systems? I don’t get it.
>
>
>
> Hoping someone can offer some clarification.
>
>
>
> David Cook
>
> Systems Librarian
>
> Prosentient Systems
>
> 72/330 Wattle St
>
> Ultimo, NSW 2007
>
> Australia
>
>
>
> Office: 02 9212 0899
>
> Online: 02 8005 0595
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.koha-community.org/pipermail/koha-devel/attachments/20200616/96b48deb/attachment.htm>
More information about the Koha-devel
mailing list