GuidesChangelog
HomeLog In
Guides

Authorization profiles

Authorization profiles

In general there are two main authorization profiles:

  1. Supplier (Supplier API): The default authorization profile for applications of suppliers, using supplier permissions to the Floriday modules and features. All Supplier API endpoints can be accessed.
  2. Customer (Customer API): The default authorization profile for applications of customers, using customer permissions to the Floriday modules and features. All Customer API endpoints can be accessed.

An additional authorization profile is available for External Warehouses via the Supplier API:

  1. External Warehouse (Supplier API): The authorization profile for applications of fulfillment by 'External warehouses' for other suppliers (e.g. import agents, grower organizations).
    These applications have permissions to the Floriday modules and features on a logistic warehouse-level. Therefore, supplier API endpoints that can be accessed by this authorization profile are limited. See Authorization External Warehouses for more information.


Scopes

Together with the provision of the JWT; the period of validity and the permissions should be provided by means of 'scopes'. The scopes (permissions) apply to the authorization for organizations to Floriday modules, features and resources.

The scopes should always be used when making API calls. Please refer to the swaggers docs for the scopes of every endpoint.



Authorization External warehouses

External warehouses have the following permissions.

ModulePermissionsResourcesExternal Warehouse
catalogRead permissions for the catalog moduleadditional-services
commercial service types
custom packing
trade-items
(1)
delivery-conditionsRead permissions the delivery conditions moduledelivery condition sets
fulfillmentRead permissions for the fulfillment moduledelivery orders
delivery order stickers
fulfillment orders
fulfillment order corrections
fulfillment orders inbound
fulfillment order logistic-label
fulfillment requests
fulfillmentWrite permissions for the fulfillment moduledelivery orders goods movement
delivery orders auction
fulfillment orders
fulfillment orders mark goods receipt
fulfillment order corrections
fulfillment requests
organizationRead permissions for the organization moduleorganizations
warehouses
stickerRead permissions for the sticker modulecustomer stickers
customer sticker metadata
stickerWrite permissions for the sticker modulecustomer stickers mark handled
stockRead permissions for batchesbatches(2)
stockWrite permissions for the batchesbatches(2)
webhooksWrite permissions for webhookswebhooks

(1) External warehouses are authorized to have read access for the catalog resources. They can only retrieve catalog resource by ID, based on batches that are to be delivered to, from or located on the external warehouse.
(2) External warehouses are authorized to have read and write access for the 'batches' resource. Batches need to be delivered to, from or located on the external warehouse. External warehouses are authorized to get, correct or repack batches.