Announcement: You can find the guides for Commerce 7.5 and later on the new Elastic Path Documentation site. This Developer Center contains the guides for Commerce 6.13.0 through 7.4.1.Visit new site

This version of Elastic Path Commerce is no longer supported or maintained. To upgrade to the latest version, contact your Elastic Path representative.

Default Roles and Permissions of Cortex API Resources

Default Roles and Permissions of Cortex API Resources

Resource permission files are located at rest-resources\RESOURCE\src\main\resources\OSGI-INF\config

Out of the box, Cortex API resources have these roles and permissions:

Resource Default Roles and Permissions
assets
relos.role.PUBLIC=LINK:*;READ:itemdefinitions;READ:{scope}
availabilities
relos.role.PUBLIC=LINK,READ:*
carts
relos.role.PUBLIC=LINK:*;CREATE,READ,UPDATE,DELETE:items;CREATE,READ,UPDATE,DELETE:{scope}:default
relos.role.OWNER=CREATE,READ,UPDATE,DELETE:{scope}:{cartId}
items
relos.role.PUBLIC=LINK:*;READ:{scope}
itemdefinitions
relos.role.PUBLIC=LINK:*;READ:{scope}
itemselections
relos.role.PUBLIC=LINK:*;READ,CREATE:{scope}
navigations
relos.role.PUBLIC=LINK:*,READ:{scope}
orders
relos.role.PUBLIC=LINK:*
relos.role.OWNER=CREATE,READ:{scope}:{orderId}
paymentmethods
relos.role.PUBLIC=LINK:*;READ,CREATE:{scope}:default:selector:orders;READ:selector:orders;READ:{scope}:creditcards:form;READ:{scope}:creditcards:tests:form;READ:{scope}:default;READ:{scope}:EOL;READ:orders
relos.role.OWNER=READ,CREATE:{scope}:{paymentMethodId}:selector:orders;READ:{scope}:{paymentMethodId}
prices
relos.role.PUBLIC=LINK,READ:*
profiles
relos.role.PUBLIC=LINK:*;READ:{scope}:default
relos.role.OWNER=CREATE,READ,UPDATE,DELETE:{scope}:{profileId}
purchases
relos.role.PUBLIC=LINK:*;READ:{scope}:EOL;CREATE,READ:orders
relos.role.OWNER=READ:{scope}:{purchaseId}
recommendations
relos.role.PUBLIC=LINK:*;READ:{scope};READ:items:*;READ:navigations:*
registrations
relos.role.PUBLIC=LINK:*;CREATE:{scope}:subscription:{unauthenticated};READ:{scope}:subscription:form;READ:{scope}:newaccount:form;CREATE:{scope}:newaccount:{unauthenticated}
searches
relos.role.PUBLIC=LINK:*;READ,CREATE:{scope}
shipmentdetails
relos.role.PUBLIC=LINK:*
relos.role.OWNER=LINK:*;CREATE,READ:{scope}:{shipmentDetailsId}
slots
relos.role.PUBLIC=LINK:*;READ:{scope}
taxes
relos.role.PUBLIC=LINK,READ:*
totals
relos.role.PUBLIC=LINK,READ:*