0 How to configure security settings for REST PATCH? 0 Bryan Donovan posted 8 Years Ago How should I configure RockRMS to update a Person object using the /api/People/{id} PATCH action? After allowing View, Edit and Administrate permissions for the REST Key user the patch action continues to return a 401 unauthorized error. If I don't provide an empty dictionary in the body, the PATCH action returns a 400 "Message": "No values were sent in the body". Seems like the Authenticate and Secured authorization attributes are returning true and the CheckCanEdit method is returning false. Adding the REST Key user to the RSR - Rock Administration security group successfully updates the person however this seems insecure.