Authorization

The Control API uses role-based access control (RBAC) for regulating access to API resources.

This is swagger docs for managing role-based access to API resources:

Copy
Copied
https://zam.zdata.io/docs/index.html
Warning:

This api might be incomplete for external usage.
You can contact Aritma support if you need to update RBAC permissions.

RBAC

A client or user can be assigned access to any of the following resources. Child resources inherit all permissions assigned to parent resources.

The flowchart below describes the resource hierarchy of Control, Bank and ERP resources:

Note:

Any child resources of the resources display will derive their access permission from their parents.

ZData
Subsciption
Resource
Group
Erp Hub
Connection
Erp Hub
Client
Control
Agreement
Reconcile
Group
Open Banking
Company

Roles

Roles describe what actions a client or user can execute on a resource.

Example:

If a client has Read access to a Control Agreement, the client or user will be able to GET requests to retrieve information about that agreement, or do GET requests to retrieve any child resources of that agreement, such as Companies or Transactions.

Role Description
Owner Contributor permissions and access to manage RBAC of resource
Manage Contributor permissions and access to manage RBAC of resource
Contributor Read and write access to resource
Read Read access to resource
Write Write access to resource