Security & Permissions

Permissions can be setup from the main system. This will enable the system administrator to make provision for developers to only access specific endpoints, or to control which payrolls they have access to.

Only users with Full System access will be able to access any endpoints. ESS/MSS users will not be allowed to authenticate.

Set up a new user

The user setup for API's are the same as setting up a user in the main system. You can set up a user to access the PSIberAPI by logging into PSIber and navigating to Company Setup & Maintenance > Company Setup > Security / User Access.

Add a new user by clicking the + icon

API User Groups

You can control the individual access points a user has access to by clicking on the 'API User Group' tab in the same section.

Admin users, by default, have access to all payrolls and endpoints. If you would like to control access to the individual access points, you can change the Admin User setting to 'No' in the User Setup screen.

Payroll Permissions

In order to limit the payrolls that a user has access to, create a new Payroll Group in the Payroll Groups Setup Tab.

Create a new Role and assign the created Payroll Group to that Role

Assign the user the newly created role

Accessing API's with Limited Access

The PSIberAPI will first check if the API Endpoint is accessible to the user. If the user does not have access, the response body will return 'No permission to endpoint'

If the user does have access to the API Endpoint, the PSIberAPI will then check if the user does have access to the specified payroll. If the user does not have access, the response body will return 'No permission to payroll'.