Siebel REST API Guide > Overview of Using the Siebel REST API >

About Access Controls for Siebel Business Component REST Requests

Access Controls refer to the set of Siebel Business Applications mechanisms that control users access to data and application functionality. For more information about access controls, see Siebel Security Guide.

Siebel implements access controls for business component data by using the ViewMode query parameter. The business component ViewMode query parameter defines the access control for a business component in a view and decides which users can access what portion of the data. The following fields in the BusComp View Modes list in Siebel Tools determine allowable visibility for a business component. For more information about View Mode, see Siebel Security Guide.

• Owner Type. This field specifies the party type, with one exception (described in the following list), that is used to determine whether a user is associated with a record. Specifies the owner of the records in the current view mode. The allowable owner types are:
  • Person. Access control can be based on the user's Person record.
  • Position. Access control can be based on the position of the user.
  • Organization. Access control can be based on the organization of the user, as determined by the organization to which the user's current position belongs.
  • Group. Access control can be based on membership in access groups that have access to particular catalogs and categories.
  • Catalog Category. Catalog Category is not a party type. Access can be restricted to all of the data in all of the categories across catalogs to which the user has access. This data includes data in public categories and data in private categories to which the user's access groups have access. The user sees a flat (uncategorized) list of data.
• Name. The name typically suggests the view mode.
  • Personal. This name is typically used when Owner type is Person.
  • Sales Rep. This name is typically used when Owner type is Position.
  • Organization. This name is typically used when Owner type is Organization.
  • Group. This name is typically used when Owner type is Group.
  • Catalog. This name is typically used when Owner type is Catalog.

You can only use access controls for Siebel REST API GET requests. You can use an access control by adding ViewMode= to your REST API GET request URL. The URL format is same for both JSON and XML REST requests. The ViewMode query parameter used in the URL is case sensitive. If the ViewMode query parameter is not specified in the URL, by default ViewMode=Sales Rep is used. ViewMode=All is not supported for REST requests.

You can use the ViewMode query parameter on the following:

• Siebel Business Objects. The Siebel Business Objects catalog contains a list of all Business Objects exposed as Base Integration Objects. The following is an example of a Siebel Business Objects URL request with a ViewMode query parameter:

  host-name/siebel/v1.0/data/Account/Account/?ViewMode="Sales Rep"

• Siebel Repository Objects. The Siebel Repository Objects catalog contains lists of all repository types and catalog links to their children. The following is an example of a Siebel Repository Objects URL request with a ViewMode query parameter:

  host-name/siebel/v1.0/workspace/MyWorkspace/Applet/SIS Account List Applet?ViewMode="Personal"