You can test access policies with Postman.
Access the Auth Clients tab and create a new client.
Access the Access Control tab and create a new access policy with the code below. Let's consider how this policy works. The schema introduces two constraints:
- only the GET method is allowed;
- only request URIs starting with "/fhir/" are allowed.
Matcho engine version:
Now, let's execute requests in Postman.
Let's use the parameter __debug=policy in requests to see which JSON-schema validation returned true/false.
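The two constraints above (GET only, URI starting with "/fhir/"), modelled in a small evaluator. This is an added example, not Aidbox's code or the policy from this guide; the request keys "request-method" and "uri", the lowercase method value, and the helper names are assumptions. It also shows why the URI pattern must be anchored with ^, because a JSON Schema "pattern" matches anywhere in the string.

```python
import re

# Assumed request shape: keys "request-method" and "uri" (hypothetical here).
POLICY_ANCHORED = {
    "request-method": {"const": "get"},
    "uri": {"pattern": r"^/fhir/"},   # must START with /fhir/
}
# Same policy with the anchor forgotten: "pattern" is a search, not a
# full match, so "/fhir/" is accepted anywhere in the URI.
POLICY_UNANCHORED = {
    "request-method": {"const": "get"},
    "uri": {"pattern": r"/fhir/"},
}

def evaluate(policy, request):
    """Return (allowed, per_field); per_field maps each constrained key
    to True/False, in the spirit of a per-policy debug trace."""
    per_field = {}
    for key, rule in policy.items():
        value = request.get(key)
        if value is None:
            per_field[key] = False  # a missing field never satisfies a rule
        elif "const" in rule:
            per_field[key] = value == rule["const"]
        elif "pattern" in rule:
            per_field[key] = (isinstance(value, str)
                              and re.search(rule["pattern"], value) is not None)
    return all(per_field.values()), per_field

# Constructed sample requests (not captured traffic).
SAMPLES = [
    {"request-method": "get", "uri": "/fhir/Patient"},
    {"request-method": "post", "uri": "/fhir/Patient"},
    {"request-method": "get", "uri": "/Patient"},
    {"request-method": "get", "uri": "/rpc?next=/fhir/Patient"},
]

def run(policy):
    """Allow/deny decision for every sample request under one policy."""
    return [evaluate(policy, r)[0] for r in SAMPLES]

if __name__ == "__main__":
    for req in SAMPLES:
        print(req["request-method"], req["uri"],
              evaluate(POLICY_ANCHORED, req), evaluate(POLICY_UNANCHORED, req)[0])
```

When reviewing a policy, the last sample is the one to check: it is denied by the anchored pattern and allowed by the unanchored one.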
Previously, we tested access control for clients using Postman as a client. Now, let's create and test access policies for users. We will still need our client credentials.
First, we need to create a couple of users.
Access the Users tab and create two users in Aidbox.Cloud.
Now, let's define read-only access for the 'Patient' role. Create an access policy with the code below.
Let's set access rights for administrators.
Now, let's test the policies in Postman.
First, we need to get a bearer token for a user and a client.
Execute the request and copy the received access_token value. Paste it into the Authorization header of your test request, with the word Bearer before it.
E.g. you got the access_token:
Your authorization header will be: Bearer 45ab638d-9a3a-492b-b2df-0d8295c108fc.
Now, let's execute requests from users to test their access.
Test user request with GET
Test user request with POST
The results of the schema validation should be the following:
You can create a policy-token to access RPC without creating an AccessPolicy resource.
To do that, call the aidbox.policy/create-policy-token RPC method:
This RPC method will return a JWT token, which can be used only to call the two methods with the params you described:
- aidbox.sdc/read-document
- aidbox.sdc/save-document
To call an RPC method with this token, pass it in the body:
See the full documentation.
GET     True    True
POST    True    False
This guide shows how to create and test access policies in Aidbox