Get Record Permissions

Gets the Record permission settings of an App.

MethodGET
URLhttps://{subdomain}.kintone.com/k/v1/record/acl.json
URL(guest space)https://{subdomain}.kintone.com/k/guest/{SpaceID}/v1/record/acl.json
Authentication Password Authentication, API Token Authentication, Session Authentication
Content-Typeapplication/json (not needed if specifying the query with a query string)

Contents

Pre-live settings

Apps may hold pre-live settings that have not yet been deployed to the live App.
Access the pre-live settings with the below URL.

URL https://{subdomain}.kintone.com/k/v1/preview/record/acl.json
URL(guest space) https://{subdomain}.kintone.com/k/guest/{SpaceID}/v1/preview/record/acl.json

Permissions

  • Permission to manage the App is needed when obtaining data of live Apps.
  • Permission to manage the App is needed when obtaining data of pre-live settings.

Request Parameters

Parameter Value Required Description
app Integer or String Yes The App ID.
lang String The localized language to retrieve the data in:
  • default: retrieves the default names
  • en: retrieves the localized English names
  • zh: retrieves the localized Chinese names
  • ja: retrieves the localized Japanese names
  • user: retrieves the localized names, in the same language as the language setting* set on the user used for the authentication.
If ignored, the default names will be retrieved.

*If the user language setting is set to "Use Web browser settings", the settings set in the Accept-Language header will be used. If there is no Accept-Language header, the language set in the "Localization" settings in the System Administrator's menu will be used.

Sample Request

JavaScript (using Kintone REST API Request)

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
var body = {
  'app': 1
};

kintone.api(kintone.api.url('/k/v1/record/acl.json', true), 'GET', body, function(resp) {
  // success
  console.log(resp);
}, function(error) {
  // error
  console.log(error);
});

XMLHttpRequest

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
var url = 'https://{subdomain}.kintone.com/k/v1/record/acl.json?app=1';
var xhr = new XMLHttpRequest();
xhr.open('GET', url);
xhr.setRequestHeader('X-Requested-With', 'XMLHttpRequest');
xhr.onload = function() {
  if (xhr.status === 200) {
    // success
    console.log(JSON.parse(xhr.responseText));
  } else {
    // error
    console.log(JSON.parse(xhr.responseText));
  }
};
xhr.send();

Response Parameters

Parameter Type Description
rights Array An array of objects that contain data of record permissions, in order of priority.
rights[].filterCond String The filter condition of the record permission.
Check here for more information on query formats.
rights[].entities Array An array listing the entities the permissions are granted to, in order of priority.
rights[].entities[].entity Object An object containing data of the entity the permission is granted to.
rights[].entities[].entity.type String The type of the entity the permission is granted to.
  • USER: User
  • GROUP: Group
  • ORGANIZATION: Department
  • FIELD_ENTITY: User field
rights[].entities[].entity.code String The code of the entity the permission is granted to.
rights[].entities[].viewable Boolean The view permission of the entity.
  • true: The record is viewable.
  • false: The record is not viewable.
rights[].entities[].editable Boolean The edit permission of the entity.
  • true: The record is editable.
  • false: The record is not editable.
rights[].entities[].deletable Boolean The delete permission of the entity.
  • true: The record is deletable.
  • false: The record is not deletable.
rights[].entities[].includeSubs Boolean The permission inheritance settings of the department the permission is granted to.
  • true: Permissions are inherited.
  • false: Permissions are not inherited.
revision String The revision number of the App settings.

Sample Response

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
{
  "rights": [
    {
      "filterCond": "Updated_datetime > \"2017-02-03T09:00:00Z\" and Updated_datetime < \"2017-02-03T10:00:00Z\"",
      "entities": [
        {
          "entity": {
            "type": "ORGANIZATION",
            "code": "org1"
          },
          "viewable": false,
          "editable": false,
          "deletable": false,
          "includeSubs": true
        },
        {
          "entity": {
            "type": "FIELD_ENTITY",
            "code": "Updated_by"
          },
          "viewable": true,
          "editable": true,
          "deletable": true,
          "includeSubs": false
        }
      ]
    }
  ],
  "revision": "2"
}