Web Service Roles in the Client Context

If a customer client application is running in a secured environment, you can consider using standard roles for the execution of a web service.

The use of the roles can be controlled:

• In the 'Web Service' editor using the 'User web service roles (standard)' check box.

  If selected, only the authorization roles with the 'Used in Clients: Web Service/All Clients' setting will be applied. If clear, only the roles with the

  'Used in Clients: Rich and Web/All Clients' setting will be applied.

• In the 'Web Service Clients' editor using the 'Options in Client Context' button and the ''Use web service roles (client specific)' checkbox.

  Here you can prioritize the roles of the assigned user in the context of a specific web service client. If unselected, the roles with the

  'Used in Clients: Rich and Web/All Clients' setting will be applied.

Note: The usage of the web service roles should only be disabled if the standard roles are restrictive enough or the client access is secured, for example the internal interface without UI.

Example:

1. Let's take the 'WS_REST_CreateTicket' as a sample web service.

   By default, this web service uses the 'web service' roles which should be very restrictive. But if the environment is secured enough, you can decide to use the standard roles.

2. Open your web service client which has the 'WS_REST_CreateTicket' web service assigned.
3. Click the 'Options in Client Context' button located at the bottom of the Web Services tab.

   A new dialog box appears.

4. Clear the 'Use web service roles (client specific)' checkbox to override the web service roles.

   Now when the assigned user requests the 'WS_REST_CreateTicket' service, the 'web service' roles will be ignored and the web service will be executed with the standard roles of the assigned user.