← Back to team overview

dhis2-devs team mailing list archive

Web API security

 

Dear DHIS2 dev,
We've have a check during writing an app.

A user can get all the information of organisation unit which have not been
assigned to him through web api.

Is it possible that we can limit the access of user when he is accessing
through web API base on interception on his DHIS2 role?

Regards,

-- 
THAI Chuong
YM/Skype : thaichuong159
Phone: (+84) 918776134