Rest API Permissions
The xeebo rest api requires permissions for use the different api methods. This means a user must give the right permission for access the different resources. This permissions must get accepted from the user at the login page.
Note: if a user doesn't accept the permission by canceling the authentication, the user get redirected to the cancel page defined in the redirect_url. This means there is no way to accept an authentication without the required permission.
If a user accepts some permissions and you will call an api method with different permissions, the api call will fail with an error message. This means, you should make sure that you allways use all the permissions a user will need.
If you didn't ask for the correct permissions, you can allways explicit force the user to re-authenticate again by redirect to the oauth page just as you whould for get an initial access_token.
|application||Allows to interact with job applications|
|candidate||Allows to search and view anonymous candidate profiles|
|dossier||Allows to search and view shared dossiers|
|message||Allows to send and receive messages|
|publish||Allows to create and manage job publications|
|public||Allows to use the xeebo api|