Access Permissions
If the backend has role-based security, then you must have one of the required roles. In addition, some APIs have further restrictions, as shown in the following table:
| Platform | Base Endpoint | Permissions Required |
|---|---|---|
| App Policies | /mobile/platform/appconfig/ |
You can access these operations as a social user, a virtual user, an anonymous user, or a mobile user. If you access an operation as a virtual user or a mobile user, then you must have the role that's associated with the backend. |
| Analytics Collector | /mobile/platform/analytics/ |
You can access this operation as a social user, a virtual user, an anonymous user, or a mobile user. If you access this operation as a virtual user or a mobile user, then you must have the role that's associated with the backend. |
| Analytics Data Management | /mobile/system/analyticsDataManagement/ |
Only users with the Administrator role can access the Analytics Data Management API. |
| Analytics Export | /mobile/system/analyticsExport/ |
To access this API, you must have the Analyst role. |
| Auth Token | /mobile/platform/auth/token |
Either set the Authorization header to Basic base64-client-id:client-secret or omit the header. If you omit the header, then you must provide in the form data either the client assertion and client assertion type or the client ID and client secret. |
| Database Access | /mobile/platform/database/ |
For security reasons, you can call these operations only from custom API implementations by using the custom code SDK. You can't make direct requests from client applications. This API is included in this reference merely to describe the request and response bodies for the custom code SDK calls. |
| Database Management | /mobile/system/databaseManagement/ |
You must be a team member with either the Administrator or Developer role. |
| Mobile Devices | /mobile/platform/devices/ |
You can access these operations as a social user, a virtual user, an anonymous user, or a mobile user. If you access an operation as a virtual user or a mobile user, then you must have the role that's associated with the backend. However, if you wish to set the user property, then you must be a team member with either the Administrator or Developer role. |
| Live Experience Integration | /mobile/platform/lx/ |
The authorized user can be a social user, virtual user, or a mobile user. If the authorized user is a mobile user, then the user must have a role that's associated with the backend. |
| Location | /mobile/platform/location/ |
You can access these operations as a social user, a virtual user, an anonymous user, or a mobile user. If you access an operation as a virtual user or a mobile user, then you must have the role that's associated with the backend. |
| Location Management | /mobile/system/locationManagement/ |
You must be a team member with the Administrator role. |
| Mobile Devices | /mobile/platform/devices/ |
You can access these operations as a social user, a virtual user, an anonymous user, or a mobile user. If you access an operation as a virtual user or a mobile user, then you must have the role that's associated with the backend. However, if you wish to set the user property, then you must be a team member with either the Administrator or Developer role. |
| My Profile | /mobile/platform/users/ |
You can access these operations as a social user, a virtual user, or a mobile user. If you access an operation as a virtual user or a mobile user, then you must have the role that's associated with the backend. |
| My Profile Extended Operations | /mobile/platform/extended/users/ |
For security reasons, you can call these operations only from custom API implementations by using the custom code SDK. You can't make direct requests from client applications. This API is included in this reference merely to describe the request and response bodies for the custom code SDK calls. |
| Notifications | /mobile/system/notifications |
You must be a team member with either the Administrator or Developer. |
| Storage | /mobile/platform/storage/ |
Access to these operations depend on whether the collection is shared or isolated, whether it's listed in the Security_CollectionsAnonymousAccess environment policy, and whether you need READ or READ_WRITE access. For details, see the individual operations. |