Roles Assignment and Format
Roles Assignment and Format🔗
Assignment of roles to documents and roles to search requests (API calls and access tokens) is managed by the integration application so this can be as simple or as complex as required per business requirements. See section Example Access Roles Scheme.
The integrating application is free to provide any string as an access role that satisfies the following regular expression format (mixed numbers and letters, case sensitive):
access role = [A-Za-z0-9]+
When specifying access roles for searching, they may be listed as multiple roles: both negative and positive. They grant access to a document only if it matches at least one positive role and not any of the negative roles:
- role: positive role, grants access if the document matches one of these
- role1 -role2 -role3: positive role with exceptions, acts as a positive role but is ignored if the document contains any of the negative roles.
- -role: negative role, forbids access to the document if it matches one of these. This rule overrides a positive match.
In addition to the above formats, there is a special role "all" which can be used in place of a positive (with or without exceptions). Role "all" is interpreted to match all documents.