Who Can Set Permissions on an API?
When setting permissions on APIs, keep the following points in mind:
To set permissions on an API, you must have the Manage Assets permission or the Full instance-level permission on the API itself.
You can assign permissions to any individual user or group defined in
CentraSite.
The groups to which you can assign permissions include the following system-defined groups:
Group Name | Description |
Users | All users within a specified organization. |
Members | All users within a specified organization and its child organizations. |
Everyone | All users of CentraSite including Guest users (if your CentraSite permits access by guests). |
If a user is affected by multiple permission assignments, the user receives the union of all the assignments. For example, if group ABC has Modify permission on an API and group XYZ has Full permission on the same API, users that belong to both groups will, in effect, receive Full permission on the API.
The same principle applies to users who have both role-based permissions and instance-level permissions on the same API. In this case, users receive the union of the role-based permission and the instance-level permission on the API.
If you intend to give users in other organizations access to the API, and the API includes supporting documents that you want those users to be able to view, make sure you give those users permission to view the supporting documents as well as the API itself.