Application Level Security

Oracle Primavera Cloud provides security at the application level. The user account you specify when sending requests to the API must be authorized to access the application and the objects requested through the API endpoints. For example, to request project information from the /project/{projectId} endpoint, you must connect to the API using an account that is authorized to access the project with the specified ID value. If the account does not have authorization to access the contents of an API endpoint, the API will return a 401 or 404 response.

There are no separate security privileges for the API. The user accounts you use to access objects through the API will abide by the same privileges assigned to the account within the application.

Refer to the Application Administration Guide for information on configuring user access to the application.