Skip to main content
Skip table of contents

Authentication and Permission

This document outlines the authentication and permission mechanism for the D3 API, ensuring secure access and control over API requests. The authentication process involves generating a webhook key and verifications, which are essential for making REST API requests. The steps and components involved in the authentication process are detailed below

API Level Authentication

  1. Generated Webhook Key Information:

    • The webhook key and related information necessary for making API requests will be displayed under the selected command name.

    • Users can easily copy these values using the Copy button next to each parameter.

  2. Request URL:

    • The request URL for the API request is provided.

  3. Request Header Key:

    • The request header key required to authenticate the API request.

  4. Request Header Value:

    • The request header value needed to authenticate the API request.

  5. Request Body (Sample):

    • A sample body data for the API request is provided. It is crucial to note that input parameters for different utility commands vary.

    • Users must construct the body data with the correct structure for their specific request.

    • The provided sample body data serves as a template to help build the correct body data.

    • Additional Verification for Utility Commands

      In addition to the key-based authentication, certain utility commands require further verification of the user’s input, specifically the username and site. This additional layer of security ensures that users have the necessary permissions to access specific incidents and sites.

Command Level Permission

  1. Username Verification:

    • Certain commands verify whether the username provided in the request has the necessary authority to access the specified incident. This step ensures that only authorized users can interact with particular incidents within the system.

  2. Site Verification:

    • Certain commands verify whether the user possesses the necessary permissions to access the specified site, thereby preventing unauthorized access to site-specific data and operations. For client sites, the site information must strictly match the incident site. For internal sites, users may access incidents across different sites provided they have the appropriate permissions.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close