Endpoints Access Roles
This document provides an overview of the public Alan API endpoints and describes who has access to individual endpoints. In general, all access rights to endpoints are controlled based on user roles. The roles are defined in the user management and assigned to users.
If a user does not have a required role, access to the endpoint is denied. Related UI elements are also hidden in the frontend.
Role Concept
Assumption: Every user has at least the alan-user role. A user can have multiple roles.
Role | Description |
---|---|
alan-user | Can chat and use existing experts and knowledge bases |
alan-contributor | Like user, can edit shared resources (experts, knowledge bases) |
alan-editor | Like contributor, can create, share and delete experts and knowledge bases |
alan-admin | Has access to admin functions such as data connectors, groups or tenant settings. Please note: The alan-admin role does not automatically include the permissions of the other roles. An admin who also needs to chat, or to edit or create experts and knowledge bases, must be assigned the corresponding roles separately. |
API Endpoints
The following table lists all public API endpoints and their required access roles.
Path | Method | Roles |
---|---|---|
/chats/ | GET | User, Contributor, Editor |
/chats/ | POST | User, Contributor, Editor |
/chats/ | GET | User, Contributor, Editor |
/chats/ | PUT | User, Contributor, Editor |
/chats/ | DELETE | User, Contributor, Editor |
/chats/{chat_id}/generate | POST | User, Contributor, Editor |
/chats/{chat_id}/messages/ | GET | User, Contributor, Editor |
/chats/{chat_id}/messages/ | GET | User, Contributor, Editor |
/chats/{chat_id}/messages/ | PUT | User, Contributor, Editor |
/chats/{chat_id}/regenerate | POST | User, Contributor, Editor |
/connectors/ | GET | User, Contributor, Editor |
/connectors/ | POST | Admin |
/connectors/knowledge-bases | GET | User, Contributor, Editor |
/connectors/ | GET | Admin |
/connectors/ | PUT | Admin |
/connectors/ | DELETE | Admin |
/connectors/{connector_id}/knowledge-bases | POST | Editor |
/connectors/{connector_id}/knowledge-bases | GET | User, Contributor, Editor |
/connectors/{connector_id}/knowledge-bases/ | PUT | Contributor, Editor |
/connectors/{connector_id}/knowledge-bases/ | GET | User, Contributor, Editor |
/connectors/{connector_id}/knowledge-bases/ | DELETE | Editor |
/docs | GET | |
/docs | HEAD | |
/docs/oauth2-redirect | GET | |
/docs/oauth2-redirect | HEAD | |
/experts/ | GET | User, Contributor, Editor |
/experts/ | POST | Editor |
/experts/ | GET | User, Contributor, Editor |
/experts/ | DELETE | Editor |
/experts/ | PUT | Contributor, Editor |
/files/ | POST | User, Contributor, Editor |
/files/ | GET | User, Contributor, Editor |
/files/ | PUT | User, Contributor, Editor |
/files/ | GET | User, Contributor, Editor |
/files/ | DELETE | User, Contributor, Editor |
/files/{file_id}/chunks | GET | User, Contributor, Editor |
/files/{file_id}/content | GET | User, Contributor, Editor |
/groups/ | GET | Admin |
/groups/ | POST | Admin |
/groups/ | GET | Admin |
/groups/ | DELETE | Admin |
/groups/ | PUT | Admin |
/health/ | GET | |
/llm/generate_stream | POST | User, Contributor, Editor |
/models/ | GET | User, Contributor, Editor |
/notifications/ | GET | User, Contributor, Editor |
/notifications/ | PUT | User, Contributor, Editor |
/openapi.json | GET | |
/openapi.json | HEAD | |
/redoc | GET | |
/redoc | HEAD | |
/search/ | POST | User, Contributor, Editor |
/shares/ | GET | User, Contributor, Editor |
/shares/ | POST | Editor |
/shares/received | GET | User, Contributor, Editor |
/shares/recipients | GET | User, Contributor, Editor |
/shares/search_recipients | GET | User, Contributor, Editor |
/shares/ | DELETE | Editor |
/snapshots/ | POST | User, Contributor, Editor |
/snapshots/ | GET | User, Contributor, Editor |
/snapshots/import | POST | User, Contributor, Editor |
/snapshots/ | GET | User, Contributor, Editor |
/snapshots/ | DELETE | User, Contributor, Editor |
/tenant/info | GET | User, Contributor, Editor |
/tenant/licenses | GET | Admin |
/tenant/quota | GET | Admin |
/tenant/settings | GET | Admin |
/tenant/settings | PUT | Admin |
/user/ | GET | User, Contributor, Editor |
/user/api-keys | POST | User, Contributor, Editor |
/user/api-keys | GET | User, Contributor, Editor |
/user/api-keys/ | GET | User, Contributor, Editor |
/user/api-keys/ | DELETE | User, Contributor, Editor |
/user/api-keys/{key_id}/renew | POST | User, Contributor, Editor |
/user/issuer | GET | User, Contributor, Editor |
/user/settings | GET | User, Contributor, Editor |
/user/settings | PUT | User, Contributor, Editor |
/user/token | GET | User, Contributor, Editor |
/version/ | GET | User, Contributor, Editor |
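
The role model above can be checked mechanically. The following is an added example, not code from the Alan project: it parses a few rows copied from the table and evaluates a request against a user's role set, showing that alan-admin alone does not grant chat or editor endpoints. Assumptions: an empty Roles cell means no role is required, method/path pairs that are not listed are refused, and the function names are hypothetical.

```python
import re

# Role labels used in the endpoint table -> role identifiers from the role table.
ROLE_IDS = {"User": "alan-user", "Contributor": "alan-contributor",
            "Editor": "alan-editor", "Admin": "alan-admin"}

# Subset of rows copied from the endpoint table above.
TABLE = """\
/chats/{chat_id}/generate | POST | User, Contributor, Editor |
/connectors/ | POST | Admin |
/connectors/{connector_id}/knowledge-bases | POST | Editor |
/connectors/{connector_id}/knowledge-bases | GET | User, Contributor, Editor |
/tenant/settings | PUT | Admin |
/health/ | GET | |
"""

def compile_path(template):
    """Turn a path template into a regex; {param} matches exactly one segment."""
    parts = ["[^/]+" if s.startswith("{") and s.endswith("}") else re.escape(s)
             for s in template.split("/")]
    return re.compile("/".join(parts))

def parse_rules(table):
    """Parse 'Path | Method | Roles |' rows into (pattern, method, allowed_roles)."""
    rules = []
    for line in table.splitlines():
        path, method, roles = [cell.strip() for cell in line.split("|")[:3]]
        allowed = frozenset(ROLE_IDS[r.strip()] for r in roles.split(",") if r.strip())
        rules.append((compile_path(path), method, allowed))
    return rules

def decide(rules, user_roles, method, path):
    """Return 'allow', 'deny' (required role missing) or 'unknown' (no rule)."""
    for pattern, rule_method, allowed in rules:
        if rule_method == method and pattern.fullmatch(path):
            # Roles are compared literally: no role implies another one.
            if not allowed or allowed & set(user_roles):
                return "allow"
            return "deny"
    return "unknown"  # assumption: callers treat this as a refusal

RULES = parse_rules(TABLE)

if __name__ == "__main__":
    for roles in ({"alan-admin"}, {"alan-admin", "alan-user"}, {"alan-contributor"}):
        for method, path in (("POST", "/chats/42/generate"),
                             ("PUT", "/tenant/settings"),
                             ("POST", "/connectors/c1/knowledge-bases")):
            print(sorted(roles), method, path, "->", decide(RULES, roles, method, path))
```

Running the same check over exported role assignments is a quick way to spot accounts that hold alan-admin without alan-user, or that hold more roles than their endpoints require.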