
Conveniences and Path Variables

Filters can be programmatically applied to path variables. For example, we may have a top-level collection called /agreements which can be filtered by the participating agencies in the /agreement object. I may restrict that list of items with a filter like
In order to restrict a member of Agency 456 to seeing only their own things, we can create a convenience, or an alias, from
This allows us to restrict users' access with simple pattern matching at the API frontend. If a person is only allowed to see things in /agencies/456/*, they will not be able to rewrite their request to /agencies/123/*: the frontend security will block them before they even get to the actual API.
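
One way a frontend could do the pattern matching described above, as an added Python example that is not code from the original page. It goes one step beyond the text by canonicalizing the path before matching, so that dot segments or percent-encoding cannot make a /agencies/456/... request resolve to /agencies/123/... behind the check. The user names, the GRANTS table and the function names are assumptions.

```python
import posixpath
import re
from urllib.parse import unquote

# Constructed grants: path patterns the frontend lets each user through to.
GRANTS = {
    "alice": ["/agencies/456/*"],  # hypothetical member of Agency 456
    "bob": ["/agencies/123/*"],    # hypothetical member of Agency 123
}


def canonical_path(raw_target):
    """Return the effective path of a request target, or None if it is refused."""
    path = raw_target.split("?", 1)[0].split("#", 1)[0]
    decoded = unquote(path)
    # Anything still percent-encoded after one decode (double encoding), a
    # backslash, or a relative path is refused rather than interpreted.
    if not decoded.startswith("/") or "%" in decoded or "\\" in decoded:
        return None
    # Collapse "//", "." and ".." so the match sees the path the API would act on.
    return posixpath.normpath(decoded)


def pattern_to_regex(pattern):
    """Compile '/agencies/456/*' into a regex anchored on whole path segments."""
    if not pattern.endswith("/*"):
        return re.compile(re.escape(pattern) + r"\Z")
    # Assumption: the grant covers the collection root and everything below it.
    # Requiring "/" after the prefix keeps /agencies/4567 from matching 456.
    return re.compile(re.escape(pattern[:-2]) + r"(/.*)?\Z")


def is_allowed(user, raw_target):
    """Default deny: allow only if the canonical path matches one of the user's grants."""
    path = canonical_path(raw_target)
    if path is None:
        return False
    return any(pattern_to_regex(p).match(path) for p in GRANTS.get(user, []))
```

The frontend should forward the canonical path it checked, not the raw request target, so the API never acts on a different path than the one that was authorized.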
