Permissions

In order to limit access from your application to only the data required by your use case, Provet REST API endpoints are protected by different permissions.

Automated Permissions Management

Provet supports automated permission management, reducing manual effort and ensuring consistency. This feature is called a “permission template” and it is added on the integration template.

Contact Provet support to get your permission template added to your integration template.

When permission templates are modified, the associated permission group in Provet is automatically updated to match the latest template. Added permissions are included and removed permissions are excluded to ensure synchronisation.

If a permission template is not used, the integration has the same permissions by default as the permission group Users.

If an integration requires different permissions (some endpoints are denied or you want to restrict the permissions), the permissions must be edited manually. Check the Provet API schema for which permissions each endpoint needs. See also View and Manage User Permissions.

Manual Permissions Management

Note

This feature is being phased out for integrations.

When a new integration application is added to Provet, a virtual user and a permission group are automatically created for the integration. The virtual user is called Integration <Integration name> and can be found in Settings > Users using the Virtual filter. The permission group has the same name as the integration.