Access Rights Configuration

The MSI interface of system:inmation is implemented via the WebAPI and uses the provided access control mechanism as follows:

In order to connect with the MSI interface, an access token is required, which is issued on a 'per user' basis. 'User' in this case does not refer to a specific person, but to a user account within the system.

This system account sends and reads data from the MessageProcessor object created within the I/O Model.

So in the direction MES-to-SF this is a write operation and in the direction SF-to-MES this is a read operation. Therefore the user needs write and read access on the MessageProcessor object. If the connected user doesn’t have sufficient user rights, the http request will return an error 401 with an additional error message.

Access Rights are managed in the Access Model. For detailed information regarding the administration of Access Rights, please see Access Model Hands On.

Access Rights Configuration - IO-Model
Figure 1. Access Rights