You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
`IsAuthenticatedOrReadOnly` authorizes users that are not
authenticated for read-only access to resources.
Therefore, they are unauthenticated users, not unauthorized users.
Copy file name to clipboardExpand all lines: docs/api-guide/permissions.md
+1-1Lines changed: 1 addition & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -165,7 +165,7 @@ This permission is suitable if you want your API to only be accessible to a subs
165
165
166
166
## IsAuthenticatedOrReadOnly
167
167
168
-
The `IsAuthenticatedOrReadOnly` will allow authenticated users to perform any request. Requests for unauthorized users will only be permitted if the request method is one of the "safe" methods; `GET`, `HEAD` or `OPTIONS`.
168
+
The `IsAuthenticatedOrReadOnly` will allow authenticated users to perform any request. Requests for unauthenticated users will only be permitted if the request method is one of the "safe" methods; `GET`, `HEAD` or `OPTIONS`.
169
169
170
170
This permission is suitable if you want to your API to allow read permissions to anonymous users, and only allow write permissions to authenticated users.
0 commit comments