getMyRights

Returns the exhaustive list of granted or denied rights for the currently logged-in user.


Query Syntax

HTTP

Available since 2.4.0
URL: http://kuzzle:7512/_me/_rights
Method: GET
Headers: Authorization: "Bearer <authentication token>"

Deprecated since 2.4.0
URL: http://kuzzle:7512/users/_me/_rights
Method: GET
Headers: Authorization: "Bearer <authentication token>"

Other protocols

{
  "controller": "auth",
  "action": "getMyRights",
  "jwt": "<authentication token>"
}

Arguments

  • jwt: valid authentication token (for the HTTP protocol, pass the token in the Authorization header instead)

Response

The result contains a hits array, listing the rights for the current user.

Each right is an object with the following properties:

  • controller: API controller
  • action: controller's action
  • index: authorized or denied index
  • collection: authorized or denied collection
  • value: one of the following values: denied, allowed

{
  "status": 200,
  "error": null,
  "result": {
    "hits": [
      {
        "controller": "document",
        "action": "get",
        "index": "foo",
        "collection": "bar",
        "value": "allowed"
      },
      {
        "controller": "document",
        "action": "search",
        "index": "foo",
        "collection": "bar",
        "value": "allowed"
      },
      {
        "controller": "document",
        "action": "write",
        "index": "foo",
        "collection": "bar",
        "value": "denied"
      }
    ]
  }
}
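
One way to use this response for a least-privilege check, as an added example that is not part of the Kuzzle documentation: it compares the rights in hits against a baseline and reports anything granted beyond it. The names auditRights, keyOf and EXPECTED are hypothetical, and the sample response is constructed from the one shown above.

```javascript
// Constructed sample, copied from the response format documented above.
const SAMPLE_RESPONSE = {
  status: 200,
  error: null,
  result: {
    hits: [
      { controller: "document", action: "get", index: "foo", collection: "bar", value: "allowed" },
      { controller: "document", action: "search", index: "foo", collection: "bar", value: "allowed" },
      { controller: "document", action: "write", index: "foo", collection: "bar", value: "denied" }
    ]
  }
};

// Hypothetical baseline: the only rights this account is supposed to hold.
const EXPECTED = ["document:get:foo:bar"];

// Flatten one right into a comparable "controller:action:index:collection" key.
const keyOf = (r) => [r.controller, r.action, r.index, r.collection].join(":");

function auditRights(response, expected) {
  // Reject anything that is not a successful, well-formed getMyRights result.
  if (!response || response.status !== 200 || response.error !== null ||
      !response.result || !Array.isArray(response.result.hits)) {
    throw new Error("unexpected getMyRights response");
  }
  const allowed = new Set();
  const invalid = [];
  for (const right of response.result.hits) {
    if (right.value === "allowed") {
      allowed.add(keyOf(right));
    } else if (right.value !== "denied") {
      // Fail closed: a value other than allowed/denied is never counted as granted.
      invalid.push(keyOf(right));
    }
  }
  const baseline = new Set(expected);
  return {
    excess: [...allowed].filter((k) => !baseline.has(k)).sort(),  // granted, not in baseline
    missing: [...baseline].filter((k) => !allowed.has(k)).sort(), // in baseline, not granted
    invalid
  };
}

console.log(auditRights(SAMPLE_RESPONSE, EXPECTED));
```

A non-empty excess list means the account holds rights beyond its baseline and is worth reviewing.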