Join us at the CMS Virtual Customer Forum December 9th
Please join us at the CMS Virtual Customer Forum December 9, 2020 | 7:30 a.m. PDT | 4:30 p.m. CEST

REST-API: It should be possible to give users "read only" access rights for UCMDB REST-API

Idea ID 2808039

REST-API: It should be possible to give users "read only" access rights for UCMDB REST-API

When using the UCMDB REST-API it should be possible to give users "read only" access rights. Currently you need an integration user with "server administration privilege" for that.

7 Comments
Micro Focus Expert
Micro Focus Expert
Thank you for sharing your idea! It’s open for comments and kudos, and we’re looking forward to input from the community. Once there is enough community traction, it will be further reviewed by the product team. 
Micro Focus Expert
Micro Focus Expert
Status changed to: Waiting for Votes
 
Micro Focus Expert
Micro Focus Expert

Hi,

this feature was implemented in CMS 2020.02.
There is a HF for 10.33 too.

Reference: OCTCR19U663621 - 'Allow detailed permissions for UCMDB API (e.g. read-only) in non-MT environment'

Best regards,
  Michael

Ensign Ensign
Ensign

Hello Michael, i had a look at the rest api von cms 2020.02 but i couldn´t see where i can restrict the access to the rest api. please send a short link where i can find it in detail.

yours

Christoph

Micro Focus Expert
Micro Focus Expert

Hi Christoph,

here we go:

Added an Authorization Filter at REST-API level that is activate based on a setting.

Configuration: In order to activate the filter, please go to \UCMDBServer\conf => rest_api.properties and add the following setting:

#check for access to SDK permission
restrict_access_to_sdk=true

If the setting is set to TRUE, then only users with “Access to SDK” permission will be able to successfully execute rest-api calls.

The others will receive the Response status UNAUTHORIZED(401, "Unauthorized"), the following error message: “User is not authorized to access the SDK”. If the setting is not present in the properties file, its OOTB value is FALSE.

Have a nice day,
  Michael

Ensign Ensign
Ensign

Hi Michael,

thank you for the Feedback. in the next step we want to restrict the rest-api call only to read informations from the ucmdb. this was the idea to restrict "read-only" by accessing the rest-api.

is it also possible ?

Yours

Christoph

Micro Focus Expert
Micro Focus Expert
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.