Business User access API improvements


We’ve released some improvements to the business user access API to allow for the maintenance of restricted access users.

The API endpoint is

GET /api/v2/business/{businessid}/access

An example business access record for an unrestricted user is

   "accessType": "Unrestricted",
   "employeeGroups": null,
   "reports": null,
   "name": "Slade Wilson",
   "email": ""

An example business access record for a restricted access user is:

  "accessType": "Restricted",
  "employeeGroups": [
      "employeeGroupId": 113,
      "permissions": "ApproveTimesheets, ApproveLeaveRequests, CreateTimesheets,
 CreateLeaveRequests, ViewLeaveRequests"
  "reports": {
    "accessType": "None",
    "specificReports": 0
  "name": "Nancy Jones",
  "email": ""

Field Documentation

accessType - allowed values are Unrestricted (default) and Restricted
employeeGroups > permissions - the specific permissions for a restricted user for a particular employee group. Allowed values can be retrieved from /api/v2/business/{businessid}/lookupdata/employeegrouppermissions
reports > accessType - allowed values are None, SpecificReports or AllReports
reports > specificReports - should only be specified if accessType is set to SpecificReports. This should be a comma separated list of report ids (which can be retrieved from /api/v2/business/{businessid}/lookupdata/reports). If access type is not specific reports, set the value of specificReports to zero (0)

Refer to for more details