3.3.6 Webservice

The Webservice screen in Access setup allows you to configure access to the available RESTful webservices in the system. The seed data for all the RESTful webservices is loaded during product installation; the installation process is detailed in the Installation guide.

As an administrator/superuser, you can enable or disable Web Service access for users based on their responsibility and ensure that only authorized users have access to specific types of data in the system. The following list indicates some of the available RESTful webservices in the system; the complete list is available in the swagger JSON file shared in the OTN library.
  • Generic Post Transaction Service
  • Call Activity Service
  • Scheduler Service
  • Account Search Service
  • Account Boarding Service
  • Payment Posting Service
  • Account Detail Service
  • Calculator Service
  • Application Search Service
  • Get Scenario Analysis Service
  • Post Scenario Analysis Service
  • Lookup Service
  • Dialer Integration Service
  • Application GET Service
  • Application Entry Service
  • Application Update Service
  • Application Status Change
  • Application Checklist
  • Application ACH GET Service
  • Application ACH POST Service
  • Application Comment GET Service
  • Application Comment POST Service
  • Application Document GET Service
  • Application Document POST Service
  • Account Comment GET Service
  • Account Comment POST Service
  • Account Document GET Service
  • Account Document POST Service
  • Process File Upload Service
  • Process File Download Service
  • Process File List Service
  • Product Service
  • Asset Service
  • Asset Sub-Type Service
  • Scheduler Force ReSubmit
  • Remarketing GET Service
  • Remarketing POST Service
  • Invoice GET Service
  • Invoice POST Service
To set up Webservice access
  1. Click Setup > Setup > Administration > User > Access > Webservice. The screen consists of the following tabs:
    • Security Super Group
    • Security Access Definition
    • Security User Access Definition Details
    • Security Access Definition Details (this sub tab is available only for the SERVICING and COLLECTIONS Super Group)
  2. The Security Super Group section contains the following super group categories for selection:
    • COMMON
    • INTERFACES
    • ORIGINATION
    • SERVICING and COLLECTIONS
    • SETUP
    • WHOLESALE FLOOR PLANNING
  3. Select the required Super Group. The associated data in the sub tabs is categorized accordingly.
  4. In the Security Access Definition section, you can view the following field details. Only the Description and Enabled status of the selected Security Access Definition can be edited.

    Table 3-23 Security Access Definition

    | Field | Do this |
    |---|---|
    | Access Code | The system displays the webservice access code. |
    | Description | The system displays the description of the associated webservice access code and can be edited for required changes. |
    | Type | The system displays the type of security access definition. |
    | System Defined | If selected as Yes, the security access definition entry is system defined. If selected as No, the security access definition entry is manually defined. |
    | Enabled | Check this box to enable the selected webservice access code. |
  5. Perform any of the Basic Actions mentioned in the Navigation chapter.
  6. In the Security User Access Details section, perform any of the Basic Operations mentioned in the Navigation chapter.
    A brief description of the fields is given below:

    Table 3-24 Security User Access Details

    | Field | Do this |
    |---|---|
    | Access Type | Select Responsibility (default) as the access type from the drop-down list. For this access type to be available in the drop-down list, ensure that the Lookup Type ACCESS_GRID_TYPE_CD is maintained in the system. |
    | Access Value | This field is read-only for System Defined Security Access Definitions, which are loaded as part of seed data during installation. For non-system defined Security Access Definitions, select from the drop-down list the access value, which is the user responsibility that needs access to this webservice. For user responsibilities to be populated in the drop-down list, ensure that the Lookup Type RESPONSIBILITY_CD is maintained in the system. |
    | Allowed | Select Yes to allow user access to this webservice or No to deny access. By default, No is selected. |
    | System Defined | Select Yes if the webservice user access definition entry is system defined. Select No if the webservice user access definition entry is manually defined. |

  7. Perform any of the Basic Actions mentioned in the Navigation chapter.

Security Access Definition Details

If you have selected the Security Super Group as SERVICING and COLLECTIONS, an additional sub section, Security Access Definition Details, is enabled. This sub tab lets you further restrict and control access to specific types of data within the accessible RESTful web services. The restriction can be defined based on a specific Account Condition or Account Status.

For example, out of all the account types maintained in the system, you can restrict data access for a particular user responsibility to only delinquent accounts by selecting Access Type as Account Condition and Access Value as Delinquent.

Controlling web service data access to permitted user(s)

For any user to access web service data, you need to define at least one positive (allowed) definition in the Security Access Definition Details section. Otherwise, webservice data is not displayed for that user even if that user's responsibility has permission to access the web service.

OFSLL supports multiple user conditions on an account, and the system requires at least one account condition to be defined as Allowed in setup in order to display the data. However, if any one of the account conditions is defined as Not Allowed in setup, the system does not allow access to the data.

The following scenarios show when data is displayed or not displayed in the Webservice screen:

Table 3-25 Data in Webservice screen

| Scenario | Data displayed |
|---|---|
| No condition is available on the account and also no condition defined in setup | Data is displayed since there is no restriction. |
| Condition is available on the account but not defined in setup | Data is not displayed since restriction is applied. |
| Multiple conditions are available on the account and one condition is defined in setup as Allowed | Data is displayed. |
| Multiple conditions are available on the account and one condition is defined in setup as Not Allowed | Data is not displayed. |

Whenever a user with a specific responsibility tries to access restricted data, the following types of error messages are displayed:
  • For a POST/PUT service, the system displays the error Access denied with HTTP error code 401.
  • For a GET service with a single account record, the system displays the error message No data found with HTTP error code 400.
  • For a GET service with multiple account records, of which some have access restrictions and others don’t, the system displays only the unrestricted records and does not display the restricted records. In such a case, no error message is displayed.

    Note:

    When multiple user access definitions are defined in the system, OFSLL processes a data access request to a web service by first checking for any access restrictions defined on the user's responsibility. If none are defined, it validates the request against the ALL responsibility before displaying the data in the Webservice screen.

For example, suppose data access restrictions are defined for the ALL and SUPERUSER responsibilities. When the user logs in with the SUPERUSER responsibility, the data restriction of SUPERUSER is applied. If the user logs in with any responsibility other than SUPERUSER, the restriction defined for ALL is applied.
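
The decision rules in this section (responsibility lookup with fallback to ALL, Table 3-25, and the documented error codes), modelled as an added example. This is not OFSLL code: the function names, the dictionary layout and the conditions CONDITION_B and CONDITION_C are constructed for illustration, and only Account Condition rules are modelled.

```python
# Model of the documented decision rules; not OFSLL code. All names are hypothetical.
ALL = "ALL"

# Constructed sample setup: responsibility -> {account condition: allowed?}
SETUP = {
    "SUPERUSER": {"DELINQUENT": True, "CONDITION_B": False},
    ALL: {"DELINQUENT": False},
}
# Constructed sample accounts
ACCOUNTS = [
    {"id": "A1", "conditions": ["DELINQUENT"]},
    {"id": "A2", "conditions": ["DELINQUENT", "CONDITION_B"]},
    {"id": "A3", "conditions": ["DELINQUENT", "CONDITION_C"]},
]

def effective_rules(setup, responsibility):
    """Use the definitions for the user's own responsibility; fall back to ALL."""
    if responsibility in setup:
        return setup[responsibility]
    return setup.get(ALL, {})

def account_visible(conditions, rules):
    """Table 3-25: rules maps a condition to True (Allowed) or False (Not Allowed)."""
    if not conditions and not rules:
        return True                  # no condition on account or in setup
    matched = [rules[c] for c in conditions if c in rules]
    if False in matched:
        return False                 # one Not Allowed condition blocks the account
    # Otherwise at least one Allowed match is needed. An account without conditions
    # while setup has entries is not covered by the page; denied here (assumption).
    return True in matched

def respond(method, accounts, setup, responsibility):
    """Return (http_status, body) following the documented error behaviour."""
    rules = effective_rules(setup, responsibility)
    visible = [a for a in accounts if account_visible(a["conditions"], rules)]
    if method in ("POST", "PUT"):
        if len(visible) < len(accounts):
            return 401, "Access denied"
        return 200, visible
    if len(accounts) == 1 and not visible:
        return 400, "No data found"
    # Multi-record GET: restricted records are dropped without an error. A request
    # where every record is restricted is not described; empty list here (assumption).
    return 200, visible

if __name__ == "__main__":
    print(respond("GET", ACCOUNTS, SETUP, "SUPERUSER"))
```

When reviewing client or gateway logs, note that under these rules a 400 No data found on a single-record GET can be an authorization outcome rather than a malformed request.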

To define Security Access Definition Details
  1. Click Setup > Setup > Administration > User > Access > Webservice tab.
  2. Select the module in the Security Super Group section as SERVICING and COLLECTIONS.
  3. Select the user responsibility in the Security User Access Definition Details section.
  4. In the Security Access Definition Details section, perform any of the Basic Operations mentioned in the Navigation chapter.
    A brief description of the fields is given below:

    Table 3-26 Security Access Definition Details

    | Field | Do this |
    |---|---|
    | Access Type | Select from the drop-down list the access function type (either ACCOUNT CONDITION or ACCOUNT STATUS) that is being used to control the user access. |
    | Access Value | Select the access value from the drop-down list. The list is sorted based on the Access Type selected. Also, based on a lookup associated with the Access Type, multiple entries can be created for each access type as long as each has a different access value. |
    | Allowed? Yes/No | Select Yes if the access is allowed and No if the access is not allowed. This indicates whether the selected combination of Access Type and Access Value is allowed to access the data. |
    | System Defined Yes/No | Select Yes if you wish to maintain the access type as system defined and No if you do not want to maintain it as system defined. However, system defined entries cannot be modified. |
  5. Perform any of the Basic Actions mentioned in the Navigation chapter.