Accessing the API

Role-Based Access Control (RBAC)
The Atlar API and Dashboard leverage RBAC to define user permissions and enhance security across the platform. This ensures that users are granted access only to the resources and functionalities pertinent to their roles. By defining distinct roles within the system, administrators can easily assign and manage user permissions.
This approach simplifies access management and significantly reduces the risk of unauthorized operations, aligning with best practices for data security and system integrity.

Setting up the Role

Navigate to User Management → Roles in the Atlar Dashboard.
Roles specify the scope of features and functionality that a user can access.

For this getting started guide, create a new role with full access to:

  • Accounts
  • Counterparties
  • External Accounts
  • Transfers
  • Mandates & Direct Debits
💡

If you attempt to access or modify a resource without the correct permission assigned to the role, the API will return a 403 Forbidden response.

Setting up the Programmatic Access User

With the role created, go to User Management → Users and create a new Programmatic Access user.
Once created, the ACCESS_KEY and SECRET will be displayed.

⚠️ Important: Store the secret securely, as it is only shown once at this point.
If the secret is lost, you must delete the user and create a new one to regenerate credentials.