API Reference
Monta.comGuidesAPI ReferenceChangelog

Access Control

Depending on your credentials setup, you will have access to either:

  • all resources within your operator account
  • OR all resources from defined teams only within your operator account

Access to all resources within operator

If no team restrictions are present (consumer.teamIds is empty) you can access any resource within your operator (consumer.operatorId).

Restrict access to resources from specific teams

If team restrictions are present (consumer.teamIds contains a list of team ids) you can access any resource within the listed teams.

You can use the /auth/me endpoint to retrieve information about scope, restrictions on teams etc. A sample response looks like:

{  
  "name": "Partner API Demo",  
  "operatorId": 42,  
  "teamIds": [],  
  "clientId": "73d86c7f-48de-4a0f-bd3c-da243e16b630",  
  "rateLimit": 1000,  
  "rateLimitIntervalInSeconds": 600,  
  "scopes": [  
    "all:delete"  
  ]  
}

This credential has access to all resources within operator with id 42 (no restrictions on teamIds). Since the scopes collection contains all:delete, you can call any of our endpoints with this.