From 7c04f21bf5fbc7433a4c96d6b46adb1e154e1374 Mon Sep 17 00:00:00 2001 From: Anna Shamray Date: Fri, 8 Mar 2024 15:30:43 +0100 Subject: [PATCH] :memo: document superuser permissions --- docs/admin/authorization.rst | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/docs/admin/authorization.rst b/docs/admin/authorization.rst index eb5fe55f..58033413 100644 --- a/docs/admin/authorization.rst +++ b/docs/admin/authorization.rst @@ -88,3 +88,19 @@ fields you can submit the form. Now the client who has this token can access the objects with the "Boom" object type. If you want to know how to use Objects API you can follow :ref:`api_usage` + + +Superuser permissions +---------------------- + +It's possible to set superuser permissions in Objects API. A client with such permissions +is able to request objects for all objecttypes. + +In the admin page of the Objects API go to the Token authorizations" resource and click on +a token, which should have superuser permissions. Check "is superuser" field. Now this token +has read and write permissions for all objects. + +.. warning:: + + Tokens with superuser permissions are not recommended for production. They should be used + only for test and development purposes.