Access control overview
Generally, vehicle access is managed by two “barriers”:- Permission barrier: There are permissions for individual vehicles, as well as individual datapoints recorded by a vehicle. Permissions can be granted directly to users, or inherited via organizational membership.
- Subscription barrier: Similarly, there are subscription levels that determine which features and data types are available for a vehicle. Subscription levels can be assigned to individual vehicles, or inherited via organizational membership.
permission_via field in the header of the response.
This will show either via: me or via: organization, including additional information about the permission source, and organization.
If you have multiple permissions for a vehicle, all applicable sources will be listed.
Understanding vehicle permissions
The permission system uses an exhaustive list of individual permissions that can be granted to users and organizations for vehicles. Important example permissions include:- VEHICLE_STATUS_VIEW: Full access to vehicle location, sensor data, and operational status
- VEHICLE_LOGBOOK_VIEW: Access to trip history and event logs
- VEHICLE_STATUS_ANONYMIZED: Access to vehicle data without location information
- VEHICLE_PROFILE_EDIT: Ability to modify vehicle settings and configuration
- VEHICLE_CAN_UNLOCK: Permission to unlock vehicle doors remotely
Permissions for individual users
Each user can have permissions for the user account itself, as well as for an arbitrary number of individual vehicles.Any change to individual user permissions will be immutably logged in the audit log, including information about who made the change and when.