AnsweredAssumed Answered

How to set REST API access privileges by role

Question asked by Yury Voloshin on Apr 24, 2019
Latest reply on Apr 26, 2019 by Yury Voloshin

Our Sugar 8.3 instance is integrated with another application (ServiceNow) using REST API, where data is sent from Sugar to ServiceNow, and ServiceNow record ids are saved in Sugar modules. If the API logs into Sugar as a non-admin user, then Sugar does not allow the API to POST data to Sugar (a "forbidden" error is returned). But if the API user is admin, then data can be saved with no problems. The Role Management dashboard shows that the non-admin role has no restrictions on modifying the relevant data fields. I'd prefer to have the API use a non-admin user account, but how can I set up a non-admin user role that is allowed to POST data to Sugar?

Outcomes