DIGIT Specifications
PlatformUrbanHealthPublic FinanceSanitation
  • Specifications Overview
    • Standardisation Approach
  • Common Service Specs
    • Access Control
    • Analytics
    • Billing
    • Collection
    • Dashboard Analytics
    • Decision Support System Ingest
    • Document Controller
    • Employee
    • Encryption
    • Filestore
    • ID Generation
    • Inbox
    • Indexer
    • Master
    • Master Data Management
    • OTP
    • Payment Gateway
    • PDF Generation
    • URL Shortening
    • User
    • Workflow
  • Domain Service Specs
    • Attendance
    • Bank Account
    • Billing Calculator
    • Birth-Death
    • Building Plan Approval
    • Building Plan Calculator
    • Campaign
    • Campaign Delivery
    • Contracts
    • Estimates
    • eChallan
    • Facility
    • Faecal Sludge Management (FSM)
    • Fire NOC
    • Fire NOC Calculator
    • Household
    • Individual
    • Inventory
    • Land
    • Muster Roll
    • National Dashboard Ingest
    • No Objection Certificate
    • Organization
    • Planning
    • Product
    • Project
    • Property Registry
    • Property Tax Calculator
    • Public Grievance Redressal
    • Registration
    • Sewerage Connection
    • Stock
    • Supervision
    • Sync
    • Trade Licence
    • Trade Licence Calculator
    • User Events
    • Vehicle Registration
    • Vendor Registration
    • Water Connection
  • Archived-docs
    • DIGIT Urban Service Specs
      • Property Tax Service
        • Property Tax Taxonomy
        • Property Tax Data Model
        • Property Tax Service API
      • Public Grievance Redressal Service
        • Public Grievance Redressal Taxonomy
        • Public Grievance Redressal Data Model
        • Public Grievance Redressal Service API
      • Trade License Service
        • Trade License Taxonomy
        • Trade License Data Model
        • Trade License API
      • Fire NOC Service
        • Fire NOC Taxonomy
        • Fire NOC Data Model
        • Fire NOC API
      • Miscellaneous Collection Service
        • Miscellaneous Collections Taxonomy
        • Miscellaneous Collections Data Model
        • Miscellaneous Collection API
      • Online Building Plan Approval Service
        • Online Building Plan Approval Taxonomy
        • Online Building Plan Approval Data Model
        • Online Building Plan Approval Service API
      • Water & Sewerage Service
        • Water & Sewerage Taxonomy
        • Water Service Data Model
        • Sewerage Service Data Model
        • Water & Sewerage Service API
      • Birth & Death Service
        • Birth & Death Taxonomy
        • Birth & Death Data Model
        • Birth & Death Service API
    • DIGIT Public Finance Management Service Specs
      • iFIX Master Data Service API
      • Adapter Master Data Service API
      • mGramSeva iFIX Adapter Service API
      • iFIX Department Entity Service API
      • Fiscal Event API
    • DIGIT Health Service Specs
      • Health Service Data Model
      • Health Service API
    • DIGIT Sanitation Service Specs
      • Faecal Sludge Management Service
        • Faecal Sludge Management Data Model
        • Faecal Sludge Management Service API
Powered by GitBook

​All content on this page by eGov Foundation is licensed under a Creative Commons Attribution 4.0 International License.

On this page

Was this helpful?

Export as PDF
  1. Common Service Specs

Access Control

PreviousCommon Service SpecsNextAnalytics

Last updated 3 months ago

Was this helpful?

Access Control APIs

API specs to map actions to roles.

  • Access Control APIs
  • POSTGet the list of actions based on either roles or features.
  • POSTCreate a new action.
  • PUTUpdate existing action(s).
  • POSTValidate a particular action for a given tenant and roles of the tenant
  • POSTCreate mapping for feature and role.
  • POSTGet the list of roles based on role codes.
  • POSTCreate a new role.
  • PUTUpdate existing role(s).
  • POSTCreate mapping for role and action(s).

Get the list of actions based on either roles or features.

post

Get the list of actions based on the input parameters.

Query parameters
rolesstring[]Optional

The list of role codes.

featuresinteger[]Optional

The list of feature id's.

Body
apiIdstringRequired

unique API ID

verstringRequired

API version

tsstringRequired

response timestamp YYYY-MM-DDThh:mm:ss+/-nn:nn (timezone defaulted to +5.30)

actionstringOptional

api action like GET/POST/PUT/DELETE in case of http calls

didstringOptional

device UUID from which API is called

keystringOptional

API key (dynamic)

msgIdstringOptional

unique request message id, UUID, for handling API idempotency

requesterIdstringOptional

UserId of the user calling

authTokenstringOptional

//session/jwt/saml token/oauth token

Responses
200
Successful response
*/*
400
Invalid input.
*/*
post
POST /v1/actions/_search HTTP/1.1
Host: access
Content-Type: */*
Accept: */*
Content-Length: 138

{
  "apiId": "text",
  "ver": "text",
  "ts": "text",
  "action": "text",
  "did": "text",
  "key": "text",
  "msgId": "text",
  "requesterId": "text",
  "authToken": "text"
}
{
  "responseInfo": {
    "apiId": "text",
    "ver": "text",
    "ts": 1,
    "resMsgId": "text",
    "msgId": "text",
    "status": "SUCCESSFUL"
  },
  "actions": [
    {
      "id": 1,
      "name": "text",
      "queryParams": "text",
      "url": "text",
      "parentModule": 1,
      "orderNumber": 1,
      "displayName": "text",
      "enabled": true,
      "createdBy": 1,
      "createdDate": "2025-06-06",
      "lastModifiedBy": 1,
      "lastModifiedDate": "2025-06-06",
      "tenantId": "text",
      "serviceCode": 1
    }
  ]
}

Create a new action.

post

To create new action(s) in the system. An action entry is required for each and every path to authenticate the access based on the assigned role of an user.

Body
actionMasterstringOptional

action master

enabledbooleanOptional

if enabled or not

featureIdsinteger[]Optional

unique id for feature

leftIconstringOptional

left icon

navigationURLstringOptional

url for navigating

rightIconstringOptional

right icon

roleCodesstring[]Optional

codes specifying role

tenantIdstringOptional

Unique Identifier of the tenant, Like AP, AP.Kurnool etc.

Responses
200
Action(s) created sucessfully
*/*
400
Action(s) creation failed
*/*
post
POST /v1/actions/_create HTTP/1.1
Host: access
Content-Type: */*
Accept: */*
Content-Length: 1019

{
  "requestInfo": {
    "apiId": "text",
    "ver": "text",
    "ts": 1,
    "action": "text",
    "did": "text",
    "key": "text",
    "msgId": "text",
    "requesterId": "text",
    "authToken": "text",
    "userInfo": {
      "tenantId": "text",
      "id": 1,
      "userName": "text",
      "mobile": "text",
      "email": "text",
      "primaryrole": [
        {
          "name": "text",
          "description": "text",
          "id": 1,
          "code": "text",
          "createdBy": 1,
          "createdDate": "2025-06-06",
          "lastModifiedBy": 1,
          "lastModifiedDate": "2025-06-06"
        }
      ],
      "additionalroles": [
        {
          "tenantId": "text",
          "roles": [
            {
              "name": "text",
              "description": "text",
              "id": 1,
              "code": "text",
              "createdBy": 1,
              "createdDate": "2025-06-06",
              "lastModifiedBy": 1,
              "lastModifiedDate": "2025-06-06"
            }
          ]
        }
      ]
    }
  },
  "actions": [
    {
      "id": 1,
      "name": "text",
      "queryParams": "text",
      "url": "text",
      "parentModule": 1,
      "orderNumber": 1,
      "displayName": "text",
      "enabled": true,
      "createdBy": 1,
      "createdDate": "2025-06-06",
      "lastModifiedBy": 1,
      "lastModifiedDate": "2025-06-06",
      "tenantId": "text",
      "serviceCode": 1
    }
  ],
  "actionMaster": "text",
  "enabled": true,
  "featureIds": [
    1
  ],
  "leftIcon": "text",
  "navigationURL": "text",
  "rightIcon": "text",
  "roleCodes": [
    "text"
  ],
  "tenantId": "text"
}
{
  "responseInfo": {
    "apiId": "text",
    "ver": "text",
    "ts": 1,
    "resMsgId": "text",
    "msgId": "text",
    "status": "SUCCESSFUL"
  },
  "actions": [
    {
      "id": 1,
      "name": "text",
      "queryParams": "text",
      "url": "text",
      "parentModule": 1,
      "orderNumber": 1,
      "displayName": "text",
      "enabled": true,
      "createdBy": 1,
      "createdDate": "2025-06-06",
      "lastModifiedBy": 1,
      "lastModifiedDate": "2025-06-06",
      "tenantId": "text",
      "serviceCode": 1
    }
  ]
}

Update existing action(s).

put

To update the existing action(s) in the system.

Body
actionMasterstringOptional

action master

enabledbooleanOptional

if enabled or not

featureIdsinteger[]Optional

unique id for feature

leftIconstringOptional

left icon

navigationURLstringOptional

url for navigating

rightIconstringOptional

right icon

roleCodesstring[]Optional

codes specifying role

tenantIdstringOptional

Unique Identifier of the tenant, Like AP, AP.Kurnool etc.

Responses
200
Update action(s) successful
*/*
400
Update action(s) failed
*/*
put
PUT /v1/actions/_update HTTP/1.1
Host: access
Content-Type: */*
Accept: */*
Content-Length: 1019

{
  "requestInfo": {
    "apiId": "text",
    "ver": "text",
    "ts": 1,
    "action": "text",
    "did": "text",
    "key": "text",
    "msgId": "text",
    "requesterId": "text",
    "authToken": "text",
    "userInfo": {
      "tenantId": "text",
      "id": 1,
      "userName": "text",
      "mobile": "text",
      "email": "text",
      "primaryrole": [
        {
          "name": "text",
          "description": "text",
          "id": 1,
          "code": "text",
          "createdBy": 1,
          "createdDate": "2025-06-06",
          "lastModifiedBy": 1,
          "lastModifiedDate": "2025-06-06"
        }
      ],
      "additionalroles": [
        {
          "tenantId": "text",
          "roles": [
            {
              "name": "text",
              "description": "text",
              "id": 1,
              "code": "text",
              "createdBy": 1,
              "createdDate": "2025-06-06",
              "lastModifiedBy": 1,
              "lastModifiedDate": "2025-06-06"
            }
          ]
        }
      ]
    }
  },
  "actions": [
    {
      "id": 1,
      "name": "text",
      "queryParams": "text",
      "url": "text",
      "parentModule": 1,
      "orderNumber": 1,
      "displayName": "text",
      "enabled": true,
      "createdBy": 1,
      "createdDate": "2025-06-06",
      "lastModifiedBy": 1,
      "lastModifiedDate": "2025-06-06",
      "tenantId": "text",
      "serviceCode": 1
    }
  ],
  "actionMaster": "text",
  "enabled": true,
  "featureIds": [
    1
  ],
  "leftIcon": "text",
  "navigationURL": "text",
  "rightIcon": "text",
  "roleCodes": [
    "text"
  ],
  "tenantId": "text"
}
{
  "responseInfo": {
    "apiId": "text",
    "ver": "text",
    "ts": 1,
    "resMsgId": "text",
    "msgId": "text",
    "status": "SUCCESSFUL"
  },
  "actions": [
    {
      "id": 1,
      "name": "text",
      "queryParams": "text",
      "url": "text",
      "parentModule": 1,
      "orderNumber": 1,
      "displayName": "text",
      "enabled": true,
      "createdBy": 1,
      "createdDate": "2025-06-06",
      "lastModifiedBy": 1,
      "lastModifiedDate": "2025-06-06",
      "tenantId": "text",
      "serviceCode": 1
    }
  ]
}

Validate a particular action for a given tenant and roles of the tenant

post

Validate a particular action for a given tenant and roles of the tenant.

Body
Responses
200
Successful response without any content
*/*
400
Invalid input.
*/*
post
POST /v1/actions/_validate HTTP/1.1
Host: access
Content-Type: */*
Accept: */*
Content-Length: 833

{
  "requestInfo": {
    "apiId": "text",
    "ver": "text",
    "ts": 1,
    "action": "text",
    "did": "text",
    "key": "text",
    "msgId": "text",
    "requesterId": "text",
    "authToken": "text",
    "userInfo": {
      "tenantId": "text",
      "id": 1,
      "userName": "text",
      "mobile": "text",
      "email": "text",
      "primaryrole": [
        {
          "name": "text",
          "description": "text",
          "id": 1,
          "code": "text",
          "createdBy": 1,
          "createdDate": "2025-06-06",
          "lastModifiedBy": 1,
          "lastModifiedDate": "2025-06-06"
        }
      ],
      "additionalroles": [
        {
          "tenantId": "text",
          "roles": [
            {
              "name": "text",
              "description": "text",
              "id": 1,
              "code": "text",
              "createdBy": 1,
              "createdDate": "2025-06-06",
              "lastModifiedBy": 1,
              "lastModifiedDate": "2025-06-06"
            }
          ]
        }
      ]
    }
  },
  "validateAction": {
    "tenantRole": {
      "tenantId": "text",
      "roles": [
        {
          "name": "text",
          "description": "text",
          "id": 1,
          "code": "text",
          "createdBy": 1,
          "createdDate": "2025-06-06",
          "lastModifiedBy": 1,
          "lastModifiedDate": "2025-06-06"
        }
      ]
    },
    "actionUrl": "text"
  }
}
{
  "responseInfo": {
    "apiId": "text",
    "ver": "text",
    "ts": "text",
    "resMsgId": "text",
    "msgId": "text",
    "status": "text"
  },
  "actionValidation": {
    "allowed": true
  }
}

Create mapping for feature and role.

post

Create mapping for feature and role.

Body
roleIdstringRequired

List of Role Id to be provided for mapping it to feature.

tenantIdstringRequired

Unique Identifier of the tenant, Like AP, AP.Kurnool etc.

Responses
200
Successful response
*/*
400
Invalid input.
*/*
post
POST /v1/feature-role/_create HTTP/1.1
Host: access
Content-Type: */*
Accept: */*
Content-Length: 285

{
  "RequestInfo": {
    "apiId": "text",
    "ver": "text",
    "ts": "text",
    "action": "text",
    "did": "text",
    "key": "text",
    "msgId": "text",
    "requesterId": "text",
    "authToken": "text"
  },
  "roleId": "text",
  "feature": {
    "id": 1,
    "code": 1,
    "name": "text",
    "description": "text",
    "serviceCode": 1,
    "tenantId": "text"
  },
  "tenantId": "text"
}
{
  "RequestInfo": {
    "apiId": "text",
    "ver": "text",
    "ts": "text",
    "resMsgId": "text",
    "msgId": "text",
    "status": "text"
  },
  "role": {
    "id": 1,
    "name": "text"
  },
  "feature": {
    "id": 1,
    "code": 1,
    "name": "text",
    "description": "text",
    "serviceCode": 1,
    "tenantId": "text"
  }
}

Get the list of roles based on role codes.

post

Get the list of roles based on role codes in the input parameters.

Query parameters
codestring[]Optional

The list of comma separated codes to filter Roles against. No providing any would end up in all Roles as there is nothing to filter against

Body
Responses
200
Successful response
*/*
400
Invalid input.
*/*
post
POST /v1/roles/_search HTTP/1.1
Host: access
Content-Type: */*
Accept: */*
Content-Length: 602

{
  "RequestInfo": {
    "apiId": "text",
    "ver": "text",
    "ts": 1,
    "action": "text",
    "did": "text",
    "key": "text",
    "msgId": "text",
    "requesterId": "text",
    "authToken": "text",
    "userInfo": {
      "tenantId": "text",
      "id": 1,
      "userName": "text",
      "mobile": "text",
      "email": "text",
      "primaryrole": [
        {
          "name": "text",
          "description": "text",
          "id": 1,
          "code": "text",
          "createdBy": 1,
          "createdDate": "2025-06-06",
          "lastModifiedBy": 1,
          "lastModifiedDate": "2025-06-06"
        }
      ],
      "additionalroles": [
        {
          "tenantId": "text",
          "roles": [
            {
              "name": "text",
              "description": "text",
              "id": 1,
              "code": "text",
              "createdBy": 1,
              "createdDate": "2025-06-06",
              "lastModifiedBy": 1,
              "lastModifiedDate": "2025-06-06"
            }
          ]
        }
      ]
    }
  }
}
{
  "responseInfo": {
    "apiId": "text",
    "ver": "text",
    "ts": 1,
    "resMsgId": "text",
    "msgId": "text",
    "status": "SUCCESSFUL"
  },
  "roles": [
    {
      "name": "text",
      "description": "text",
      "id": 1,
      "code": "text",
      "createdBy": 1,
      "createdDate": "2025-06-06",
      "lastModifiedBy": 1,
      "lastModifiedDate": "2025-06-06"
    }
  ]
}

Create a new role.

post

To create new Role(s) in the system.

Body
Responses
200
Role(s) created sucessfully
*/*
400
Role(s) creation failed
*/*
post
POST /v1/roles/_create HTTP/1.1
Host: access
Content-Type: */*
Accept: */*
Content-Length: 762

{
  "requestInfo": {
    "apiId": "text",
    "ver": "text",
    "ts": 1,
    "action": "text",
    "did": "text",
    "key": "text",
    "msgId": "text",
    "requesterId": "text",
    "authToken": "text",
    "userInfo": {
      "tenantId": "text",
      "id": 1,
      "userName": "text",
      "mobile": "text",
      "email": "text",
      "primaryrole": [
        {
          "name": "text",
          "description": "text",
          "id": 1,
          "code": "text",
          "createdBy": 1,
          "createdDate": "2025-06-06",
          "lastModifiedBy": 1,
          "lastModifiedDate": "2025-06-06"
        }
      ],
      "additionalroles": [
        {
          "tenantId": "text",
          "roles": [
            {
              "name": "text",
              "description": "text",
              "id": 1,
              "code": "text",
              "createdBy": 1,
              "createdDate": "2025-06-06",
              "lastModifiedBy": 1,
              "lastModifiedDate": "2025-06-06"
            }
          ]
        }
      ]
    }
  },
  "roles": [
    {
      "name": "text",
      "description": "text",
      "id": 1,
      "code": "text",
      "createdBy": 1,
      "createdDate": "2025-06-06",
      "lastModifiedBy": 1,
      "lastModifiedDate": "2025-06-06"
    }
  ]
}
{
  "responseInfo": {
    "apiId": "text",
    "ver": "text",
    "ts": 1,
    "resMsgId": "text",
    "msgId": "text",
    "status": "SUCCESSFUL"
  },
  "roles": [
    {
      "name": "text",
      "description": "text",
      "id": 1,
      "code": "text",
      "createdBy": 1,
      "createdDate": "2025-06-06",
      "lastModifiedBy": 1,
      "lastModifiedDate": "2025-06-06"
    }
  ]
}

Update existing role(s).

put

To update the existing role(s) in the system.

Body
Responses
200
Update role(s) successful
*/*
400
Update role(s) failed
*/*
put
PUT /v1/roles/_update HTTP/1.1
Host: access
Content-Type: */*
Accept: */*
Content-Length: 762

{
  "requestInfo": {
    "apiId": "text",
    "ver": "text",
    "ts": 1,
    "action": "text",
    "did": "text",
    "key": "text",
    "msgId": "text",
    "requesterId": "text",
    "authToken": "text",
    "userInfo": {
      "tenantId": "text",
      "id": 1,
      "userName": "text",
      "mobile": "text",
      "email": "text",
      "primaryrole": [
        {
          "name": "text",
          "description": "text",
          "id": 1,
          "code": "text",
          "createdBy": 1,
          "createdDate": "2025-06-06",
          "lastModifiedBy": 1,
          "lastModifiedDate": "2025-06-06"
        }
      ],
      "additionalroles": [
        {
          "tenantId": "text",
          "roles": [
            {
              "name": "text",
              "description": "text",
              "id": 1,
              "code": "text",
              "createdBy": 1,
              "createdDate": "2025-06-06",
              "lastModifiedBy": 1,
              "lastModifiedDate": "2025-06-06"
            }
          ]
        }
      ]
    }
  },
  "roles": [
    {
      "name": "text",
      "description": "text",
      "id": 1,
      "code": "text",
      "createdBy": 1,
      "createdDate": "2025-06-06",
      "lastModifiedBy": 1,
      "lastModifiedDate": "2025-06-06"
    }
  ]
}
{
  "responseInfo": {
    "apiId": "text",
    "ver": "text",
    "ts": 1,
    "resMsgId": "text",
    "msgId": "text",
    "status": "SUCCESSFUL"
  },
  "roles": [
    {
      "name": "text",
      "description": "text",
      "id": 1,
      "code": "text",
      "createdBy": 1,
      "createdDate": "2025-06-06",
      "lastModifiedBy": 1,
      "lastModifiedDate": "2025-06-06"
    }
  ]
}

Create mapping for role and action(s).

post

Create mapping for role and action(s).

Body
tenantIdstringRequired

Unique Identifier of the tenant, Like AP, AP.Kurnool etc.

Responses
200
Role - Action(s) mapping created sucessfully
*/*
400
Role - Action(s) mapping failed
*/*
post
POST /v1/role-actions/_create HTTP/1.1
Host: access
Content-Type: */*
Accept: */*
Content-Length: 1041

{
  "requestInfo": {
    "apiId": "text",
    "ver": "text",
    "ts": 1,
    "action": "text",
    "did": "text",
    "key": "text",
    "msgId": "text",
    "requesterId": "text",
    "authToken": "text",
    "userInfo": {
      "tenantId": "text",
      "id": 1,
      "userName": "text",
      "mobile": "text",
      "email": "text",
      "primaryrole": [
        {
          "name": "text",
          "description": "text",
          "id": 1,
          "code": "text",
          "createdBy": 1,
          "createdDate": "2025-06-06",
          "lastModifiedBy": 1,
          "lastModifiedDate": "2025-06-06"
        }
      ],
      "additionalroles": [
        {
          "tenantId": "text",
          "roles": [
            {
              "name": "text",
              "description": "text",
              "id": 1,
              "code": "text",
              "createdBy": 1,
              "createdDate": "2025-06-06",
              "lastModifiedBy": 1,
              "lastModifiedDate": "2025-06-06"
            }
          ]
        }
      ]
    }
  },
  "role": {
    "name": "text",
    "description": "text",
    "id": 1,
    "code": "text",
    "createdBy": 1,
    "createdDate": "2025-06-06",
    "lastModifiedBy": 1,
    "lastModifiedDate": "2025-06-06"
  },
  "actions": [
    {
      "id": 1,
      "name": "text",
      "queryParams": "text",
      "url": "text",
      "parentModule": 1,
      "orderNumber": 1,
      "displayName": "text",
      "enabled": true,
      "createdBy": 1,
      "createdDate": "2025-06-06",
      "lastModifiedBy": 1,
      "lastModifiedDate": "2025-06-06",
      "tenantId": "text",
      "serviceCode": 1
    }
  ],
  "tenantId": "text"
}
{
  "responseInfo": {
    "apiId": "text",
    "ver": "text",
    "ts": 1,
    "resMsgId": "text",
    "msgId": "text",
    "status": "SUCCESSFUL"
  },
  "roleActions": [
    {
      "roleCode": "text",
      "actionId": 1,
      "tenantId": "text"
    }
  ]
}