Hi Community,
Is there a way to have an API Role for a designated API User that is basically an API Admin and not a UI Admin?
-RJ
Solved
API Admin User Role
Best answer by jinin
Hi
Try the below steps:
- Create an API User Type
- Set Allowed Login Type = API
- Disable Two-Factor Authentication
- This ensures the user cannot log in to the UI
- Create a Dedicated API User
- Assign the API User Type
- Link to an employee (required)
- Create a Custom API Role (API Admin)
- Enable Web Service access
- Grant access only to required screens/modules
- Do not use the Administrators role
- Assign the Role to the API User
- Assign only the custom API role
+12Hi
Try the below steps:
- Create an API User Type
- Set Allowed Login Type = API
- Disable Two-Factor Authentication
- This ensures the user cannot log in to the UI
- Create a Dedicated API User
- Assign the API User Type
- Link to an employee (required)
- Create a Custom API Role (API Admin)
- Enable Web Service access
- Grant access only to required screens/modules
- Do not use the Administrators role
- Assign the Role to the API User
- Assign only the custom API role
Hi
What would happen if I did allow the login type to API, and gave the API user the Admin role?
Thanks,
RJ
+12Hi
If the API user gets full control of the system (Admin Role).
- Can read, create, update, and delete any data
- Can bypass UI validations
- Can change system configuration
- Can cause data corruption if the API has a bug
- Hard to track changes (everything looks like Admin did it)
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.