Minimal User for readonly API

Version: OJS 3.1.2

We want to setup a generic user + token to provide access to our installation. What is the strictest possible user role/rights setup to allow all API queries? The API seems to be read only currently, but that may probably change in the future - that’s why we want to setup the user as restricted as possible.

I gave the user “reader” and “indexer” rights, but that leaves the submissions query empty for example. Is there any recommendation on setting up a user like this?

Regards,
Simon

Hello @dersmon,

Have you had a look at our API documentation?
https://docs.pkp.sfu.ca/dev/api/

I’d encourage you to have a look at that first. If you don’t find a solution that you’re looking for, let us know, and we’ll see where we can go from there.

Best regards,

Roger
PKP Team

So it seems there is only a distinction for admin/non admin users?

Hello everyone,

we have the same issue. We would like to have read-only access to the whole instance for OJS and OMP, without using a token for the admin user.

This would be for the upcoming version 3.4 OJS/OMP.

Any news on this?

1 Like