The Proximity Beacon API’s administration endpoints are authenticated, and manipulation of beacon objects are restricted to authorized parties. Such manipulation might include registering new beacons or adding attachments in your project’s namespace. Additionally, you can share your beacon network with another developer to allow them to add their own attachments to your beacons in their own namespace.

There are several methods for authorizing users to administer your beacon data. These allow you to control which personnel may manage your deployments, or you can use them to collaborate with other developers as your network grows.

Proximity Beacon API roles

There are several scenarios where it makes sense to allow certain end users to perform certain actions using the administration endpoints. For example, Beacons may be deployed by users who should not be able to access other project resources (for example, creating new App Engine instances). Or the owner of a venue may wish to allow other developers to add attachments to beacons in the venue.

Proximity Beacon API uses a set of roles defined under the Google Cloud Platform Identity and Access Management (IAM) system to enable you to set up users with the correct permissions to carry out these tasks. You can set roles under IAM & Admin in the Google Developers Console.

The following roles are defined, under the assumption that "A grants role to B":

Role Description
BeaconEditor B can register new beacons in A’s project, including setting description, place and location information, beacon properties. B can view and alter beacons already registered in A’s project.
AttachmentEditor B can create attachments in A’s namespace on beacons in A’s project.
AttachmentPublisher B can create attachments in B’s namespace on A’s beacons. A cannot use or alter B’s attachments. B’s attachments are removed in case A decommissions the beacon they’re associated with.

Specifying the project for your requests

Some clients use the API to manage beacons for multiple projects. To accommodate this, the Proximity Beacon API allows you to specify the project id in your requests. If a project ID is not specified, the API infers the project from the request's OAuth credentials.