ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

REST API not working as expected with Secured Attributes

book

Article ID: 238710

calendar_today

Updated On:

Products

Clarity PPM On Premise Clarity PPM SaaS

Issue/Introduction

In the Classic UX, when we secure an attribute by placing it on the Secured sub-page, users who do not have access to the secured sub-page cannot read/write info from/into the attribute (even on the list layout). However, using the REST API, the same user account is able to read/update data from/to a field even if it is placed on a secured sub-page.

Cause

Secure subpages is a Classic UX view-level security feature that does not apply to the Modern UX/REST API.

Environment

Release : 16.0.0

Component : Clarity XOG and REST API

Resolution

In order to secure attributes in the Modern UX and the REST API, the attribute should be secured from Modern UX > Administration > Attributes > (attribute) > Secure.