Use case

A learning platform is functioning well, and it’s time for the company to hire their first customer support staff. A common support task is resetting the final score after a user contacts Support to request re-taking the final test.

The platform manager wishes to allow support staff to reset final scores, without granting full manager status to them.

Implementation

With DjaoDjin, the manager for the learning platform creates an access rule for the API endpoint that forwards a request to the learning platform when an authenticated user is a direct contributor.

Once the rule is created, when a direct contributor (such as the new support staff) clicks to reset a score, DjaoDjin will check that they are authorized as a direct contributor to the site. If so, DjaoDjin forwards the request to the learning platform. If not, DjaoDjin returns a customizable 403 Permission Denied message.