Policy: Authorize by Role
Use the Authorize by Role policy to authorize a request based on a role associated with the client. Unauthorized requests are rejected with a 403 Forbidden error.
Policy execution order
This policy executes after the request has been authenticated.
| Field | Description |
|---|---|
| Label | Required. The name for the API policy.
Default value: Authorize By Role Example: Task authorize by role |
| When this policy should be applied | An expression enabled field that determines the condition to be fulfilled for the API policy to execute.
Example: If the value of this parameter is |
| Roles | The list of role names that should be authorized to access tasks. If the client is in any of these roles, the request is allowed to continue. |
| Role | The name of the role. |
| Condition | An expression that checks additional conditions that must be true before the request will be authorized. |
| Status | Specifies whether the API policy is enabled or disabled.
Default value: Enabled Example: Disabled |