I do understand that GET is read-only. Say u want to retrieve SSN number of an individual. Before sending the SSN number we also need to see whether the user asking for the data is authorized to view that or not. I am not talking about Guard class authentication or authorization( custom authorizations such as LDAP/Database/CMS). If we dont allow entities as part of GET how will we target these use cases?
- handleGet and Entity Surjendu
- Re: handleGet and Entity Thierry Boileau
- Re: handleGet and Entity Surjendu
- Re: handleGet and Entity Rob Heittman
