Idea ID: 2808039

REST-API: It should be possible to give users "read only" access rights for UCMDB REST-API

Status : Accepted

Great news, this idea has been accepted on our product roadmap. Subscribe to receive updates. (This is not a formal commitment, and subject to change)


See status update history
over 1 year ago

When using the UCMDB REST-API it should be possible to give users "read only" access rights. Currently you need an integration user with "server administration privilege" for that.

Tags:

Labels:

API
Parents
  • Hi Christoph,

    here we go:

    Added an Authorization Filter at REST-API level that is activate based on a setting.

    Configuration: In order to activate the filter, please go to \UCMDBServer\conf => rest_api.properties and add the following setting:

    #check for access to SDK permission
    restrict_access_to_sdk=true

    If the setting is set to TRUE, then only users with “Access to SDK” permission will be able to successfully execute rest-api calls.

    The others will receive the Response status UNAUTHORIZED(401, "Unauthorized"), the following error message: “User is not authorized to access the SDK”. If the setting is not present in the properties file, its OOTB value is FALSE.

    Have a nice day,
      Michael

Comment
  • Hi Christoph,

    here we go:

    Added an Authorization Filter at REST-API level that is activate based on a setting.

    Configuration: In order to activate the filter, please go to \UCMDBServer\conf => rest_api.properties and add the following setting:

    #check for access to SDK permission
    restrict_access_to_sdk=true

    If the setting is set to TRUE, then only users with “Access to SDK” permission will be able to successfully execute rest-api calls.

    The others will receive the Response status UNAUTHORIZED(401, "Unauthorized"), the following error message: “User is not authorized to access the SDK”. If the setting is not present in the properties file, its OOTB value is FALSE.

    Have a nice day,
      Michael

Children
No Data