Security and API protection token

Arnab Dutta edited this page Oct 25, 2022 · 6 revisions

Roles

Only a User with a valid Role can access the Admin UI. Roles can be created, modified or deleted from the Admin UI Roles screen. A Role whose Deletable attribute is set to No cannot be deleted by an admin.

Permissions (Scopes)

Most of the Jans Config API endpoints are protected. To access these endpoints, the request header must carry an Authorization token with the appropriate scopes. The config-api permissions (required for Admin UI) can be added to the Admin UI configuration using the Permission screen.

Role - Permissions Mapping

Permissions can be mapped to Admin UI Roles using the Role/Permissions mapping screen.

Backend

The Roles, Permissions and mappings added through the Admin UI screens are stored in the admin-ui configuration in the database. Please check the link to understand how roles/permissions are added to the token to access config-api endpoints.
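
The role, permission and mapping model described above, as an added sketch that is not Janssen or Admin UI code: it resolves a user's roles to scopes, checks a request against the scopes an endpoint requires, and honours the Deletable attribute. The configuration layout, role names, scope URIs and endpoint table are assumptions made for illustration.

```python
# Constructed admin-ui configuration: field names, role names and scope
# URIs are assumptions for illustration, not read from a real deployment.
READ = "https://jans.io/oauth/config/attributes.readonly"
WRITE = "https://jans.io/oauth/config/attributes.write"
CONFIG = {
    "roles": [{"role": "api-admin", "deletable": False},
              {"role": "api-viewer", "deletable": True}],
    "permissions": [READ, WRITE],
    "rolePermissionMapping": [
        {"role": "api-admin", "permissions": [READ, WRITE]},
        {"role": "api-viewer", "permissions": [READ]},
    ],
}
# Hypothetical endpoint table: (method, path) -> scopes the token must hold.
REQUIRED = {("GET", "/attributes"): {READ}, ("POST", "/attributes"): {WRITE}}


def scopes_for_roles(config, user_roles):
    """Union of mapped permissions for the user's roles. Unknown roles and
    permissions that were never registered grant nothing."""
    known_roles = {r["role"] for r in config["roles"]}
    registered = set(config["permissions"])
    granted = set()
    for entry in config["rolePermissionMapping"]:
        if entry["role"] in user_roles and entry["role"] in known_roles:
            granted |= set(entry["permissions"]) & registered
    return granted


def is_allowed(token_scopes, method, path):
    """Deny by default: unlisted endpoints and missing scopes are refused."""
    required = REQUIRED.get((method, path))
    return required is not None and required <= set(token_scopes)


def delete_role(config, name):
    """Remove a role and its mapping unless it is marked non-deletable."""
    role = next((r for r in config["roles"] if r["role"] == name), None)
    if role is None or not role["deletable"]:
        return False
    config["roles"].remove(role)
    config["rolePermissionMapping"] = [
        m for m in config["rolePermissionMapping"] if m["role"] != name]
    return True
```

Removing the mapping together with the role keeps a later role of the same name from silently inheriting the old permissions.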
