Announcement: You can find the guides for Commerce 7.5 and later on the new Elastic Path Documentation site. The Developer Center continues to support Commerce 6.13.0 through 7.4.1.Visit new site

Default Roles and Permissions of Cortex API Resources

Default Roles and Permissions of Cortex API Resources

Resource permission files are located at rest-resources\RESOURCE\src\main\resources\OSGI-INF\config

Out of the box, Cortex API resources have these roles and permissions:

Resource Default Roles and Permissions
assets
relos.role.PUBLIC=LINK:*;READ:itemdefinitions;READ:{scope}
availabilities
relos.role.PUBLIC=LINK,READ:*
carts
relos.role.PUBLIC=LINK:*;CREATE,READ,UPDATE,DELETE:items;CREATE,READ,UPDATE,DELETE:{scope}:default
relos.role.OWNER=CREATE,READ,UPDATE,DELETE:{scope}:{cartId}
items
relos.role.PUBLIC=LINK:*;READ:{scope}
itemdefinitions
relos.role.PUBLIC=LINK:*;READ:{scope}
itemselections
relos.role.PUBLIC=LINK:*;READ,CREATE:{scope}
navigations
relos.role.PUBLIC=LINK:*,READ:{scope}
orders
relos.role.PUBLIC=LINK:*
relos.role.OWNER=CREATE,READ:{scope}:{orderId}
paymentmethods
relos.role.PUBLIC=LINK:*;READ,CREATE:{scope}:default:selector:orders;READ:selector:orders;READ:{scope}:creditcards:form;READ:{scope}:creditcards:tests:form;READ:{scope}:default;READ:{scope}:EOL;READ:orders
relos.role.OWNER=READ,CREATE:{scope}:{paymentMethodId}:selector:orders;READ:{scope}:{paymentMethodId}
prices
relos.role.PUBLIC=LINK,READ:*
profiles
relos.role.PUBLIC=LINK:*;READ:{scope}:default
relos.role.OWNER=CREATE,READ,UPDATE,DELETE:{scope}:{profileId}
purchases
relos.role.PUBLIC=LINK:*;READ:{scope}:EOL;CREATE,READ:orders
relos.role.OWNER=READ:{scope}:{purchaseId}
recommendations
relos.role.PUBLIC=LINK:*;READ:{scope};READ:items:*;READ:navigations:*
registrations
relos.role.PUBLIC=LINK:*;CREATE:{scope}:subscription:{unauthenticated};READ:{scope}:subscription:form;READ:{scope}:newaccount:form;CREATE:{scope}:newaccount:{unauthenticated}
searches
relos.role.PUBLIC=LINK:*;READ,CREATE:{scope}
shipmentdetails
relos.role.PUBLIC=LINK:*
relos.role.OWNER=LINK:*;CREATE,READ:{scope}:{shipmentDetailsId}
slots
relos.role.PUBLIC=LINK:*;READ:{scope}
taxes
relos.role.PUBLIC=LINK,READ:*
totals
relos.role.PUBLIC=LINK,READ:*