sparkles2026-02-11: IAM Service - restrictions and restrictionAware properties

Overview

restrictions property for groups

The Group object was extended with a new restrictions property. This property limits the visibility of permission-aware entities for users based on scope permissions.

restrictionAware property for access controls

The AccessControl object was extended with a new restrictionAware property. This property determines whether an access control generates scopes with restriction suffixes when assigned to a group that has restrictions defined.

When restrictionAware is set to true, the generated scopes will include restrictions (e.g., order.order_manage--DE) based on the group's restrictions list. When false, scopes are generated without restriction suffixes regardless of the group's restrictions.

Updated endpoints

Groups

Endpoint
Description

Property restrictions has been introduced.

Property restrictions has been introduced.

Property restrictions has been introduced.

Property restrictions has been introduced.

Access Controls

Endpoint
Description

Property restrictionAware has been introduced.

Property restrictionAware has been introduced.

Property restrictionAware has been introduced.

Property restrictionAware has been introduced.

Property restrictionAware has been introduced.

Property restrictionAware has been introduced in expanded access controls.

Known problems

There are no known problems.

Last updated

Was this helpful?