Hello,
I am trying to give a set of users the ability to do GET, PUT and POST operations using API. I tested it at my end and it works. Couple of queries around it:
1. Does the API calls only works for resources with Admin privileges? I tried to setup my colleague as an 'User' and he received 'Access Denied' message
2. How to ensure a user have abilities to do GET, PUT and POST, but bar that user from DELETE operation?
Allow all API calls except DELETE operation
-
benjaminsmith
- Posts: 5324
- Joined: Wed Aug 22, 2018 4:39 pm
- Location: saint paul
Re: Allow all API calls except DELETE operation
Hi,
For user accounts, there will only be to access the objects API endpoint; these are all GET requests. The other API endpoints like System and Config, are admin level functions, so that's why it is restricted to admin accounts.
Hope that answers your questions and let us know if you have more.
Benjamin
For user accounts, there will only be to access the objects API endpoint; these are all GET requests. The other API endpoints like System and Config, are admin level functions, so that's why it is restricted to admin accounts.
Hope that answers your questions and let us know if you have more.
Benjamin
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
Be sure to check out our Knowledgebase for helpful articles and solutions!
Be sure to check out our Knowledgebase for helpful articles and solutions!
Re: Allow all API calls except DELETE operation
Thank you for explaining the difference. Please feel free to archive this thread.
-
scottwilkerson
- DevOps Engineer
- Posts: 19396
- Joined: Tue Nov 15, 2011 3:11 pm
- Location: Nagios Enterprises
- Contact:
Re: Allow all API calls except DELETE operation
Great!ghosham wrote:Thank you for explaining the difference. Please feel free to archive this thread.
Locking thread