POST /api/v1/authorize/{proxy+}
Check authorization for an action
curl --request POST \
  --url https://api.aion.xyz/api/v1/authorize/{proxy+} \
  --header 'Authorization: Bearer <token>' \
  --header 'X-Account-ID: <x-account-id>' \
  --header 'X-Action: <x-action>' \
  --header 'X-User-ID: <x-user-id>'
{
  "allowed": true,
  "reason": "User has project_admin role"
}

Authorizations

Authorization (string, header, required)

JWT Bearer token authentication

Headers

X-User-ID (string, required)

The user identifier making the request

Example: "john.doe"

X-Account-ID (string, required)

The account identifier for the request context

Example: "my-company-account"

X-Action (string, required)

The action being performed (e.g., "account:user:read", "project:instance:create")

Example: "project:instance:create"

Path Parameters

proxy+ (string, required)

The original request path being authorized (e.g., "projects/my-project/instances")

Example: "projects/my-project/instances"

Response

Authorization allowed

allowed (boolean, required)

Whether the action is authorized

Example: true

reason (string)

Explanation for the authorization decision

Example: "User has account_admin role"
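
An added example, not part of the original API reference: a Python caller for this endpoint that builds the request from the documented headers and path parameter and treats anything other than a 200 response with "allowed": true as a deny. Percent-encoding the path segments, rejecting dot segments, and denying on non-200 status codes are assumptions (the page documents only the 200 response); the function names are hypothetical.

```python
import http.client
import json
import urllib.parse
import urllib.request

BASE_URL = "https://api.aion.xyz/api/v1/authorize/"  # from the curl sample above

def build_authorize_request(token, user_id, account_id, action, original_path):
    """Build the POST request for one authorization check."""
    headers = {
        "Authorization": f"Bearer {token}",
        "X-User-ID": user_id,
        "X-Account-ID": account_id,
        "X-Action": action,
    }
    for name, value in headers.items():
        # Reject empty values and control characters (header injection).
        if not value or any(ord(c) < 0x20 or ord(c) == 0x7F for c in value):
            raise ValueError(f"invalid value for {name}")
    segments = original_path.strip("/").split("/")
    # Refuse dot segments so the path checked is the path later served.
    if any(s in ("", ".", "..") for s in segments):
        raise ValueError("original_path must be a normalized relative path")
    # Assumption: percent-encode each segment so '?' or '#' cannot truncate it.
    path = "/".join(urllib.parse.quote(s, safe="") for s in segments)
    return urllib.request.Request(BASE_URL + path, method="POST", headers=headers)

def parse_decision(status, body):
    """Return (allowed, reason); anything unexpected is a deny."""
    if status != 200:
        return False, f"authorization service returned HTTP {status}"
    try:
        doc = json.loads(body)
    except (ValueError, TypeError):
        return False, "malformed authorization response"
    # Only a JSON object whose "allowed" is the boolean true permits the action.
    if not isinstance(doc, dict) or doc.get("allowed") is not True:
        reason = doc.get("reason") if isinstance(doc, dict) else None
        return False, reason if isinstance(reason, str) else "denied"
    reason = doc.get("reason")
    return True, reason if isinstance(reason, str) else ""

def is_authorized(req, timeout=5):
    """Send the request; transport errors and HTTP error statuses deny."""
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return parse_decision(resp.status, resp.read())
    except (OSError, http.client.HTTPException) as exc:
        return False, f"authorization check failed: {exc}"
```
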