Creates a permission request order.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters

Parameter Type Required Example Description
Action String Yes CreatePermissionApplyOrder

The operation that you want to perform.

ApplyObject.N.Actions String Yes Select,Describe

The type of the permissions that you request. If you request different types of permissions at the same time, separate them with commas (,). You can request only the SELECT, DESCRIBE, and DOWNLOAD permissions.

ApplyObject.N.ColumnMetaList.N.Name String Yes aColumnName

The name of the column on which you request permissions. If you request permissions on an entire table, enter the names of all the columns in the table.

You can request permissions on specific columns in a MaxCompute project only after LabelSecurity is enabled for this project. If LabelSecurity is disabled, you can request permissions only on an entire table.

ApplyObject.N.Name String Yes aTableName

The object on which you request permissions. You can request permissions only on MaxCompute tables. Set this parameter to the name of the table on which you request permissions.

ApplyReason String Yes I need to use this table

The reason for your request. The administrator decides whether to approve the request based on the request reason.

ApplyUserIds String Yes 267842600408993176,267842600408993177

The unique ID of the Alibaba Cloud account for which you request permissions. If you request permissions for multiple Alibaba Cloud accounts, separate multiple IDs with commas (,).

MaxComputeProjectName String Yes aMaxcomputeProjectName

The name of the MaxCompute project in which you request permissions on a MaxCompute table.

RegionId String Yes cn-shanghai

The region ID. For example, the ID of the China (Shanghai) region is cn-shanghai, and that of the China (Zhangjiakou) region is cn-zhangjiakou. The system automatically determines the value of this parameter based on the endpoint that is used to call the operation.

WorkspaceId Integer Yes 12345

The ID of the DataWorks workspace that is associated with the MaxCompute project on which you request permissions. You can go to the Workspace Management page in the DataWorks console to query the workspace ID.

Deadline Long No 1617115071885

The expiration time of the permissions that you request. If you do not specify this parameter, January 1, 2065 is used as the expiration time.

If LabelSecurity is disabled in the MaxCompute project, or the security level of fields in the MaxCompute table on which you request permissions is 0 or is less than or equal to the security level of the Alibaba Cloud account for which you request permissions, you can request only permanent permissions.

You can go to the Workspace Management page in the DataWorks console, click MaxCompute Management in the left-side navigation pane, and then check whether column-level access control is enabled.

You can go to the DataWorks workspace, view the security level of the fields in Data Map, and then view the security level of the Alibaba Cloud account on the User Management page.

OrderType Integer No 1

The type of the permission request order. The parameter value is 1 and cannot be changed. 1 indicates that ACL-based authorization is requested.

EngineType String No odps

The type of the compute engine in which you request permissions on tables. The parameter value is odps and cannot be changed. odps indicates that you can request permissions only on tables in the MaxCompute compute engine.

Response parameters

Parameter Type Example Description
FlowId List ee276e6e-5d34-46d8-b848-bca7879ed233

The ID of the request order. If you request permissions on multiple objects but each object has a different request approver, multiple request orders are generated and sent to the approvers. In this case, an array is returned.

RequestId String 0bc1ec92159376****

The ID of the request.

Examples

Sample requests

http(s)://[Endpoint]/?Action=CreatePermissionApplyOrder
&ApplyObject.1.Actions=Select,Describe
&ApplyObject.1.ColumnMetaList.1.1ame=aColumnName
&ApplyObject.1.1ame=aTableName
&ApplyReason=I need to use this table
&ApplyUserIds=267842600408993176,267842600408993177
&MaxComputeProjectName=aMaxcomputeProjectName
&RegionId=cn-shanghai
&WorkspaceId=12345
&<Common request parameters>

Sample success responses

XML format

<FlowId>ee276e6e-5d34-46d8-b848-bca7879ed233</FlowId>
<RequestId>0bc1ec92159376****</RequestId>

JSON format

{
    "FlowId": "ee276e6e-5d34-46d8-b848-bca7879ed233",
    "RequestId": "0bc1ec92159376****"
}

Error codes

For a list of error codes, visit the API Error Center.