Open Discussion

Expand all | Collapse all

API User Account Permissions

  • 1.  API User Account Permissions

    This message was posted by a user wishing to remain anonymous.
    Posted 05-27-2020 16:06
    This message was posted by a user wishing to remain anonymous.

    Greetings,
    I'm wondering if there is anyone that is using the API to send data to various systems.  For example, I have two scenarios.
    For those of you that might use Jamf in your environment, I'm using an Extension Attribute to populate things using the API.
    Another example, I'm looking to use the API to provide backup status information into our ticket system, Team Dynamix.
    Currently, I've created an API "service" account which has the role of "ORG Manager".  I would like to tighten the permissions via custom permissions but that is not an option.  Does anyone know what role would be the best to read backup status without the permissions of web restores, app restores and all of that.
    Thanks,
    Joe


  • 2.  RE: API User Account Permissions

    Posted 05-29-2020 08:09

    Hello Joe,

    I've run into this question a couple times, and the best role I've seen is the Cross Org Security Viewer.  This has no restore permissions, and no update permissions, but read on pretty much all user/computer/org settings.  Would that cover all your use cases?
    https://support.code42.com/Administrator/Cloud/Monitoring_and_managing/Roles_reference#Cross_Org_Security_Viewer

    Cheers,

    Greg



    ------------------------------
    Greg Hegseth
    Solutions Consultant
    Minneapolis MN
    ------------------------------



  • 3.  RE: API User Account Permissions

    This message was posted by a user wishing to remain anonymous.
    Posted 24 days ago
    This message was posted by a user wishing to remain anonymous.

    Hi Greg,

    Thank you very much for your response.  I will give that a try and see how it works in our environment.

    Stay well,
    Joe