What permissions are needed to make REST API calls?

Question

In short, we have internal people and apps that need to pull data from the community with API calls. Some site wide, some group specific. We don't want to give these folks the full administrator role. I *assume* there are permissions we could give to a role to allow this. (??) 
 What is needed to give people REST API read permissions only? - Kim

Former Member · Accepted Answer

REST calls are similar to using the site - actions such as creating and deleting content that requires a permission on the community site will require the same permission when attempting the same action via REST. Once a user is granted an API key, any calls they make via REST with that key are subject to the same permissions as that user.

I'm not sure your setup, if you need certain users to be making the REST calls, but whether you use accounts tied to real users or dummy accounts just for automated calls, the accounts in question need to be set up with the appropriate permissions to make those calls. If all of them need access to the same permissions, it might be best to create a role specifically for the REST app accounts to be added to, so you can manage permissions for it separately.

What permissions are needed to make REST API calls?

Top Replies