Configuring generated resource access code

Depending on the business needed, the following resource access configuration may be required:

  • Guidewire recommends removing the TODO RestEndpointGenerator comments.
  • The default resource access for internal users is "you can access the custom entity if you can access its parent." If this is not appropriate or sufficient, you must configure the internal resource strategy extension file.
  • The default resource access for services is "you can access all custom entities." If this is not appropriate or sufficient, you must configure the service resource strategy extension file.
  • There is no default resource access for external users, unauthenticated users, or callers with default access. If your endpoints support any of these types of callers, you must configure the corresponding resource strategy extension file.

For more information on how to configure resource access files, see the Cloud API Authentication Guide.