API permissions with MageBridge
Within Magento, you need to create an API-user for usage with MageBridge. This API-user is connected to an API-role, and this API-role implies a set of permissions (Role Resources) to certain parts of Magento. To make it easy to configure, we recommend to select just all permissions for the API-user. But if you want to increase security, you need to know which resources are needed to run MageBridge. Here's a listing.
What kind of API resources are needed?
Note that this configuration is experimental and needs thorough testing before putting it into production
Within the Magento Admin Panel you can navigate to System > Web Services > Roles and select the current API user used within your MageBridge configuration. Under Role Resources you can select all resources (All) or select on those which are needed (Custom).
The resources are shown in a tree-like structure. As main categories you will find things like Catalog, Sales, Customers but also MageBridge. The actual number of resource categories depends on the Magento modules installed in your instance.
MageBridge API Resources
While MageBridge uses its own API to utilize the main tasks like user synchronization, Single Sign On, remote browsing and event forwarding, still in some circumstances the original Magento API is used. For instance, MageBridge API Widgets will use most of the time the regular Magento API (through XML-RPC).
As a minimum the API User needs to have access to the resources under MageBridge. If you just click on the box MageBridge, all child-elements will be selected right away.
Other API Resources
This is more complex. The PHP-code in Joomla! is able to utilize both the special MageBridge API as well as the regular Magento API.
At the time of writing the only extra resource needed by MageBridge is "Customer > Retrieve Customers Info" (customer_customer.list plus customer_group.list), while all other resources are wrapped through the resource-group MageBridge. By looking searching the Joomla! code for the string "getAPI" you will find most if not all API-calls.
We expect more resources to be added in the future. These resources will most likely include the resource-group Customers (used by the upcoming MageBridge User Manager), but certainly not the resource-group Sales.
Created on Tuesday, 02 March 2010Modified on Wednesday, 03 February 2010
More tutorials in this section
- Setting the MageBridge URLs in Magento
- Disabling user synchronization in MageBridge
- Importing and exporting users
- Using the MageBridgeLinks/JCE-plugin
- Best practices with MageBridge
- Using MageBridge Product Connectors
- Migrating users between Joomla! and Magento
- Using MageBridge stores to load a different Magento theme
- Using the MageBridge Content Plugin
- MageBridge SEO Guide
- Removing MageBridge
- Step-by-step: Adding a custom Magento block
- Managing MageBridge extensions
- How to use URL-suffices with MageBridge?
- Step-by-step: Create a Magento API user
- Step-by-step: Activating MageBridge plugins
- Step-by-step: Creating a MageBridge Menu-Item
- API permissions with MageBridge
- Configuring payment methods in MageBridge
- Using MageBridge modules
- Authentication guide for MageBridge
- Working with MageBridge URL Replacements
- Handling Downloadable Products in MageBridge
- Handling file uploads in MageBridge
- Configuring the MageBridge Root Menu-Item
- Setting MageBridge offline through the database
- How Joomla! works with MageBridge URLs
- Migrating MageBridge from Joomla! 1.5 to Joomla! 2.5
- Using the MageBridge System Plugin