Get Record Permissions

Gets the Record permission settings of an App.

Method	GET
URL	https://{subdomain}.kintone.com/k/v1/record/acl.json
URL(guest space)	https://{subdomain}.kintone.com/k/guest/{SpaceID}/v1/record/acl.json
Authentication	API Token Authentication, Password Authentication
Content-Type	application/json (not needed if specifying the query with a query string)

Pre-live settings
Permissions
Request Parameters
Sample Request
Response Parameters
Sample Response

Pre-live settings

Apps may hold pre-live settings that have not yet been deployed to the live App.
Access the pre-live settings with the below URL.

URL	https://{subdomain}.kintone.com/k/v1/preview/record/acl.json
URL(guest space)	https://{subdomain}.kintone.com/k/guest/{SpaceID}/v1/preview/record/acl.json

Permissions

Permission to manage the App is needed when obtaining data of live Apps.
Permission to manage the App is needed when obtaining data of pre-live settings.

Request Parameters

Parameter	Value	Required	Description
app	Integer or String	Yes	The App ID.
lang	String		The localized language to retrieve the data in: default: retrieves the default names en: retrieves the localized English names zh: retrieves the localized Chinese names ja: retrieves the localized Japanese names user: retrieves the localized names, in the same language as the language setting* set on the user used for the authentication. If ignored, the default names will be retrieved.

*If the user language setting is set to "Use Web browser settings", the settings set in the Accept-Language header will be used. If there is no Accept-Language header, the language set in the "Localization" settings in the System Administrator's menu will be used.

Sample Request

JavaScript (using Kintone REST API Request)

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11


var body = {
  'app': 1
};

kintone.api(kintone.api.url('/k/v1/record/acl', true), 'GET', body, function(resp) {
  // success
  console.log(resp);
}, function(error) {
  // error
  console.log(error);
});

XMLHttpRequest

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14


var url = 'https://{subdomain}.kintone.com/k/v1/record/acl.json?app=1';
var xhr = new XMLHttpRequest();
xhr.open('GET', url);
xhr.setRequestHeader('X-Requested-With', 'XMLHttpRequest');
xhr.onload = function() {
  if (xhr.status === 200) {
    // success
    console.log(JSON.parse(xhr.responseText));
  } else {
    // error
    console.log(JSON.parse(xhr.responseText));
  }
};
xhr.send();

Response Parameters

Parameter	Type	Description
rights	Array	An array of objects that contain data of record permissions, in order of priority.
rights[].filterCond	String	The filter condition of the record permission. Check here for more information on query formats.
rights[].entities	Array	An array listing the entities the permissions are granted to, in order of priority.
rights[].entities[].entity	Object	An object containing data of the entity the permission is granted to.
rights[].entities[].entity.type	String	The type of the entity the permission is granted to. USER: User GROUP: Group ORGANIZATION: Department FIELD_ENTITY: User field
rights[].entities[].entity.code	String	The code of the entity the permission is granted to.
rights[].entities[].viewable	Boolean	The view permission of the entity. true: The record is viewable. false: The record is not viewable.
rights[].entities[].editable	Boolean	The edit permission of the entity. true: The record is editable. false: The record is not editable.
rights[].entities[].deletable	Boolean	The delete permission of the entity. true: The record is deletable. false: The record is not deletable.
rights[].entities[].includeSubs	Boolean	The permission inheritance settings of the department the permission is granted to. true: Permissions are inherited. false: Permissions are not inherited.
revision	String	The revision number of the App settings.

Sample Response

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30


{
  "rights": [
    {
      "filterCond": "Updated_datetime > \"2017-02-03T09:00:00Z\" and Updated_datetime < \"2017-02-03T10:00:00Z\"",
      "entities": [
        {
          "entity": {
            "type": "ORGANIZATION",
            "code": "org1"
          },
          "viewable": false,
          "editable": false,
          "deletable": false,
          "includeSubs": true
        },
        {
          "entity": {
            "type": "FIELD_ENTITY",
            "code": "Updated_by"
          },
          "viewable": true,
          "editable": true,
          "deletable": true,
          "includeSubs": false
        }
      ]
    }
  ],
  "revision": "2"
}

API Docs