Ask a Question
Back to All

REST API Public User with Access to Info

Hello, I'm concerned about this situation: I just created a Public User in Imis and didn't change any permission to it.

I found that using the following script from the browser console, this new Public User (after I logged in with his credentials in Rise) could do many listings like the one below. Could you help me understand why ? I need to let him just read information, but I'd like to know how to block Public Users from reading information.



type : "get",

contentType: "application/json",

headers: {"RequestVerificationToken": document.getElementById("__RequestVerificationToken").value},

success: function(data){console.log(data);}


Thank you !