User Rights and Roles
PayGate DDMS API access is subject to the same user access controls as standard PayGate users. API calls are made under the context of a PayGate user and that user must have the following user and group roles:
Group Access
The API key that is passed into each API call encodes the PayGate group that the function will act on. For example, calling the GetAllPayers() function with the API key for 'Group1' will display only Group1's payers.
The user account being used to provide API access must be a member of the Group the matches the API key. In the above example the user must be a member of the 'Group1' group.
Group Roles
Within a group, the user accessing the API must have been granted the appropriate group role to carry out the function(s). See the table below to determine which group roles are required.
API Function |
User is a Group Member |
Group Roles |
User Roles |
|
Create |
Edit |
DDMSEditPayer |
||
CreatePayer |
Yes |
Yes |
Yes |
|
UpdateFirstAmount |
Yes |
Yes |
Yes |
|
UpdateRegularAmount |
Yes |
Yes |
Yes |
|
UpdateRegularAmounts |
Yes |
Yes |
Yes |
|
UpdateFinalAmount |
Yes |
Yes |
Yes |
|
GetAllPayers |
Yes |
Yes |
Yes |
|
GetPayer |
Yes |
Yes |
Yes |
|
SendCustomMessage |
Yes |
Yes |
Yes |
|
Group roles are determined in the 'Group Users' tab of the Manage Groups page.
User Roles
The user that is being used to access the API must have the 'DDMSEditPayer' User Role. You add this role in the 'Manage Users' section of PayGate.
