Excerpt |
---|
Use unique, user-specific ApiSessionKeys to limit API data access |
The dialogportal™ REST API Data Isolation security feature locks down data access, allowing authenticated entities (users) access to only their own data, and that of contract-defined relations such as parents and children. Once Data Isolation is enabled for an application, all API requests will require a valid ApiSessionKey, and the request will be validated against the entity associated with the ApiSessionKey.
...