Reading Permissions
danger
This endpoint is going to be dismissed anytime soon. Use Orders instead.
important
Make sure you enable this API endpoint for your store by going to Settings -> Integrations in your administration dashboard and tick the option Enable reading permissions.
caution
Make sure to always provide a Fallback URL.
Base URL
All following endpoints operates over the URL of your store:
https://your-store.com
example:
https://alephdigital.publica.la
Headers
{
'Content-Type': 'application/json',
'Accept: 'application/json',
'X-User-Token': api_token,
}
info
Make sure you generated the api_token on your store. More info HERE
Set
Set specific reading permissions for individual users on your platform
POST integration-api/v1/reading-permissions
Body parameters
| Parameter | Type | Description |
|---|---|---|
| user_external_id | string | Is nullable |
| user_email | string, email | Is nullable |
| issues_external_ids | list of strings | Can be empty |
| issues_collections | list of strings | Can be empty |
| user_token | string | Use the same as in your header |
Example body
{
"user_external_id": "user_external_id",
"user_email": "[email protected]",
"issues_external_ids": ["r4asJKDP785w", "snBDRZOa6u8E"],
"issues_collections": ["coleccion-1", "coleccion-2"],
"user_token": "your_api_token"
}
important
- At least one way to identify the user is required, make sure to send at least one of this two fields:
user_external_idoruser_email. - You can overwrite the user access making another request.
Provide a fallback URL
A Fallback URL is a URL that our system requests in the event of missing data. If at the moment of log in of the user, the system is unable to find any permissions for that user, a request is immediately made to the appropriate Fallback URL including the email and external_id of the user in the query string (URL encoded), for example:
GET https://{your_endpoint}[email protected]&user_external_id=ee8a8cb5-9cff-442c-9d78-3e65cc10b114
The response must consist of an object with the following structure:
{
"issues_external_ids": ["r4asJKDP785w", "snBDRZOa6u8E"],
"issues_collections": ["coleccion-1", "coleccion-2"]
}
Where:
| Parameter | Type | Description |
|---|---|---|
| issues_external_ids | list of strings | can be empty |
| issues_collections | list of strings | can be empty |
warning
In the case of a timeout or an error in the validation of the response, the system will only allow the user to access free publications.
warning
The system currently doesn’t supports authentication methods that involve dynamic credentials or with expiration period, such as JWT.
tip
It’s recommended for the responses to take at most 100ms, in order to ensure a good user experience. A 10 seconds timeout will be applied, after which the request will be considered failed.