We are building OData API based integration with an external application- Nakisa. To achieve this, I had created an exclusive API security role in EC through manage permission Roles.
As a security measure, all non-mapped personal information fields have been excluded from the RBP selection. However, many of the fields continue to appear when the API entity gets queried in postman (api testing tool)
For instance, Marital Status field under Employee Central Effective Dated Entities has been excluded, but they continue to appear if the API entity PerPersonal is being queried. Same goes with fields from Employee Data section- Date of Birth which continues to appear when API entity PerPerson gets queried.
I feel the RBP has no effect on these fields. Is there any way to control these from getting exposed through API.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.