For an entity, I need to disable permissions on post, put, delete, patch. I have a login via JWT.

DataServer: TXDataServer;

If I use

var e: = DataServer.EntitySetPermissions.Add;
e.EntitySetName: = '*';
e.Permissions: = EntitySetPermissionsRead;

and I declare in the entity
[EntityAuthorize (EntitySetPermissionsAll)]

so in swagerui I get permissions to get, post, put, delete, patch.

When I delete EntitiesAuthorize (EntitySetPermissionsAll)]
swagerui displays well displays only get, but get works even without a token.

I just need get permission and set JWT authorization.

How can I get get-only permissions on an entity when authorizing JWT?

I'm trying delphi11.

Have a look at Authentication and Authorization | TMS XData documentation and see if that helps

Then why don't you simply add with read permissions?

[EntityAuthorize(EntitySetPermissionsRead)]

This works. Thank you for your help.

1 Like

This topic was automatically closed 60 minutes after the last reply. New replies are no longer allowed.