Authorization

After a request is authenticated, an authorization check will be performed using the Access Key that is part of the request. This Access Key will be used to control how much data will be returned to the client based on the account delegation configuration on the Slingshot Portal Server.

An additional authorization check will be performed at the URI level to ensure that only the allowed HTTP verbs for each URI are being sent.

Failed authorization attempts will result in one of the following responses:

401, Unauthorized
403, Forbidden
405, Method Not Allowed