API Reference

Impersonation

You can impersonate another user when you call APIs. This option allows you to associate actions with a specific user.

ℹ️

Note

To impersonate another user, you must have the Impersonate Another User Security Function.

You have three impersonation options when calling APIs:

  • Full impersonation: Interact with Orange Logic as another user, relying on that user’s privileges.
  • Lite impersonation: Interact with Orange Logic as another user, relying on your own privileges.
  • Impersonation with the Search API.

Full impersonation

With full impersonation, you call APIs and interact with assets and features the way the user you’re impersonating can.

For example, say you want to confirm that a new user can add metadata to certain assets. First, call the Start impersonation API, entering the user’s API ID.

GET /webapi/security/authentication/startimpersonation_4CN_v1

Then, using the returned token, call a DataTable API to Change asset metadata to ensure the user can access the assets as expected.

When you’ve validated the user’s Permissions, end impersonation with the Stop impersonation call.

GET /webapi/security/authentication/stopimpersonation_4CO_v1

Lite impersonation

ℹ️

Note

To activate the lite impersonation feature, submit a support request.

With lite impersonation, you call APIs and interact with assets and features using your own privileges. However, the changes you make to assets are recorded and appear in an asset’s Audit Trail of Metadata Changes under the impersonated user’s name.

For example, say you want to transfer metadata from an external system to Orange Logic, and you want Orange Logic to reflect the users who entered or changed that metadata in the external system. Use lite impersonation to make changes as other users in a much less resource-intensive way than full impersonation.

💡

Tip

You can access an asset’s Audit Trail of Metadata Changes by calling the Asset Versioning API:

GET /webapi/versioning/assetversioning/get_asset_versioning_49U_v1

To use lite impersonation, use the following header in your API call:

X-Cortex-Save-Changes-As-User: {UserEmail(at)domain.com}

You cannot add this header in Swagger. Use an API client, such as Postman, to run this call.

Lite impersonation header in Postman

Lite impersonation header in Postman

ℹ️

Note

The X-Cortex-Save-Changes-As-User header is relevant only for APIs that make changes to the Orange Logic database, such as calls that modify an asset’s metadata, upload a new version of an asset, or create a new user Account.