
Right Syntax Requirements

External applications can use Ons Autorisatie to integrate their authorizations within Ons. Rights to be used in the application can be registered in the API Dashboard. See Using Ons Autorisatie for more information.

Rights registered in Ons Autorisatie follow a strict syntax. When this syntax is not followed, the right will be denied. Here we will lay out the syntax requirements for each of the fields that need to be filled in when requesting an Ons Autorisatie right.

Right identifier

A right should be described by the data, action or element it unlocks, as fine-grained as possible. The name of a right describes two things:

  • The element or data it involves, for example: Medical notes
  • The action on that element: View, Assign, Create, Drop, Send, …

Note that the right identifier may only contain lowercase or uppercase letters.

The right should be prefixed by a unique identifier, preferably the name of the connector.

Good names for rights are for example:

  • ExternalConnectorClientMedicalNoteView
  • ExternalConnectorClientLocationAssignmentCreate

It is also possible to define a broader right that defines whether or not a user can access an external application. For example: ExternalIntegrationAccess, replacing ExternalIntegration with the name of the external integration.

Dutch description

The description gives the customer’s administrator more information about the right. It is displayed in Ons Autorisatie as extra clarification. This field should be in Dutch.

English description

An English translation of the Dutch description.

Dutch name

The name of a task should conform to some syntax rules:

  • It always starts with a (singular) subject on which it operates (for example, Document)
  • Next, an optional scope is supplied, in square brackets (for example, [van een cliënt])
  • The name ends with an operation (for example, verwijderen)

The complete name in this example would therefore be Document [van een cliënt] verwijderen. Another example would be Het wachtwoord [van een medewerker] wijzigen.

It is currently impossible to request rights that determine whether a User can access an application (e.g. “Toegang tot Applicatie X”) without a scope of clients.

English name

The ordering for English names is different:

  • Operation
  • Optional scope
  • Subject

The same examples provided for the Dutch names would be as follows in English:

  • Delete [client] document
  • Change [employee] password
  • Access to NameOfExternalIntegration
  • View [a client] and/or [an employee] agenda
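
The identifier and name rules above can be checked before a right is submitted. The following is an added example, not part of Ons Autorisatie or the API Dashboard; the function names are hypothetical, and the check that an unscoped name has at least two words is an assumption. It verifies structure only and cannot tell whether the operation and subject are in the correct order for each language.

```python
import re

# Added example: hypothetical helper names; rules are the ones stated on this page.
IDENT_RE = re.compile(r"[A-Za-z]+")      # identifier: letters only
SCOPE_RE = re.compile(r"\[[^\[\]]+\]")   # one non-empty "[scope]" group


def split_name(name):
    """Return (head, scopes, tail) around the [scope] groups, or None if brackets are malformed."""
    scopes = SCOPE_RE.findall(name)
    rest = SCOPE_RE.sub("\x00", name)    # mark where each scope stood
    if "[" in rest or "]" in rest:       # unbalanced, nested or empty brackets
        return None
    if not scopes:
        return name.strip(), [], ""
    head, _, after = rest.partition("\x00")
    return head.strip(), scopes, after.rpartition("\x00")[2].strip()


def check_name(name, label):
    parts = split_name(name)
    if parts is None:
        return [f"{label}: malformed square brackets"]
    head, scopes, tail = parts
    if scopes and not (head and tail):
        return [f"{label}: scope must sit between the first and last part"]
    if not scopes and len(head.split()) < 2:   # assumption: unscoped names have two or more words
        return [f"{label}: needs both a subject and an operation"]
    return []


def lint_right(connector, identifier, dutch_name, english_name):
    problems = []
    if not IDENT_RE.fullmatch(identifier):
        problems.append("identifier: only lowercase or uppercase letters allowed")
    if not identifier.startswith(connector) or identifier == connector:
        problems.append("identifier: expected connector prefix plus element and action")
    problems += check_name(dutch_name, "Dutch name")      # subject [scope] operation
    problems += check_name(english_name, "English name")  # operation [scope] subject
    return problems


if __name__ == "__main__":
    # Constructed request using the example values from this page.
    print(lint_right("ExternalConnector", "ExternalConnectorClientMedicalNoteView",
                     "Document [van een cliënt] verwijderen", "Delete [client] document"))
```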