1. REST API Guide
  2. About Access Controls for Siebel Business Component REST Requests

About Access Controls for Siebel Business Component REST Requests

Access Controls refer to the set of Siebel Business Applications mechanisms that control users access to data and application functionality. For more information about access controls, see Siebel Security Guide.

Siebel CRM implements access controls for Business Component data by using the ViewMode query parameter. The Business Component ViewMode query parameter defines the access control for a Business Component in a view and decides which users can access what portion of the data. For more information about View Mode, see Siebel Security Guide.

The following fields in the BusComp View Modes list in Siebel Tools determine the allowed visibility for a Business Component.

  • Owner Type. This field specifies the party type, with one exception (described in the following list), that is used to determine whether a user is associated with a record. This field value specifies the owner of the records in the current view mode. You can use the following owner types:

    • Person. The access control can be based on the user's Person record.

    • Position. The access control can be based on the position of the user.

    • Organization. The access control can be based on the organization of the user, as determined by the organization to which the user's current position belongs.

    • Group. The access control can be based on membership in access groups that have access to particular catalogs and categories.

    • Catalog Category. Catalog Category is not a party type. Access can be restricted to all of the data in all of the categories across catalogs to which the user has access. This data includes data in public categories and data in private categories to which the user's access groups have access. The user sees a flat, or uncategorized, list of data.

  • Name. The name typically suggests the View Mode.

    • Personal. This name is typically used when Owner type is Person.

    • Sales Rep. This name is typically used when Owner type is Position.

    • Organization. This name is typically used when Owner type is Organization.

    • Group. This name is typically used when Owner type is Group.

    • Catalog. This name is typically used when Owner type is Catalog.

You can only use access controls for Siebel REST API GET requests. You can use an access control by adding the ViewMode= parameter to your REST API GET request URL. The URL format is same for both JSON and XML REST requests. The ViewMode query parameter used in the URL is case sensitive. If the ViewMode query parameter is not specified in the URL, by default ViewMode=Sales Rep is used. ViewMode=All is unsupported for REST requests.

You can use the ViewMode query parameter with the following objects:

  • Siebel Business Objects. The Siebel Business Objects catalog contains a list of all Business Objects exposed as Base Integration Objects. The following is an example of a Siebel Business Objects URL request with a ViewMode query parameter:

    host-name/siebel/v1.0/data/Account/Account/?ViewMode=Sales Rep

  • Siebel Repository Objects. The Siebel Repository Objects catalog contains lists of all repository types and catalog links to their children. The following is an example of a Siebel Repository Objects URL request with a ViewMode query parameter:

    host-name/siebel/v1.0/workspace/MyWorkspace/Applet/SIS Account List Applet?ViewMode=Personal

Configured vs Parameterized REST Request Visibility

Inbound REST requests using the “data” request type where the object of the request is to interact with actual Account/Contact/Opportunity et cetera records must, as in the user interface, use Siebel CRM’s built in visibility. For inbound REST requests visibility for is defined on the Base Integration Object in Siebel Web Tools. You can also specify visibility as a parameter to your inbound REST requests using the ViewMode parameter. The ViewMode parameter cannot override the visibility defined on the Base Integration Object.

Example of using the ViewMode parameter,

host-name/siebel/v1.0/data/Account/Account/?ViewMode=Sales Rep
Note: If you configure visibility on an Integration Object, that overrides any incoming REST request’s ViewMode parameter value.
Note: If the ViewMode user property is not specified on the Base IO, by default ViewMode=Sales Rep is used.
To Implement Visibility for an Integration Object:

  1. Select an Integration Object that needs a configured visibility setting.

  2. Add the Integration Object User Property with one of these potential values.

  3. This configuration will guide visibility for all the child Integration Components in the Integration Object.

    Integration Object User Property Name Values

    ViewMode

    • Manager

    • Sales Rep
    • Personal
    • Organization
    • Sub-Organization
    • Group
    • Catalog

  4. Test your configuration and migrate to your Production environment when satisfied the configuration works as desired.