API Security

Description

API Security is a feature found in Automate Enterprise edition which gives administrators the ability to manage and protect Automate Enterprise API resources through authentication. With API Security, you can assign elements of authority to Users or User Groups based on their access permissions to specific API lists. This feature is not included in Automate Enterprise Standard edition. With the Standard edition, you are limited to the option of turning API Permissions on or off.  

To access API Security, from the Server Management Console, select Options > Server Settings > API Security.


To Enable API Permissions (Standard/Enterprise Edition):

From the API Security page, add a check-mark to the Turn RESTful API on check-box (turned off by default).  

NOTE: API Security is available in the Automate Enterprise Edition only and is not offered in the Standard Edition.

 

To Set API Permissions (Enterprise Edition Only):

  1. From the API Security page, add a check-mark to the Turn RESTful API on check-box (turned off by default).  

  2. Do one of the following:

    • Select the desired user or group from the Available Group/User Name (top left) pane and click Add to add it to the Selected Group/User Name (top right) pane.

OR

    • Double-click a user or group from the Available Group/User Name pane which will add it to the Selected Group/User Name pane.

  3. Select the user or group from the Selected Group/User Name pane and for each permission level in the Permissions (bottom) pane, specify whether that user/group should be allowed or denied access to the resource.

  4. When finished, click OK to save your settings.

NOTE: If two or more sets of permissions conflict, the set of permissions with least privilege is applied. For example, if an individual user who is normally allowed permission to access the workflows list is added to a user group that is denied permission to access the workflows list, that user will no longer be able to access the workflows list based on this rule.

Parameters

The table below describes available API permissions that a user or group can be allowed or denied access to.

| Permission | Description |
|---|---|
| Full Control | Allow or deny full control on API lists. Toggling Allow gives rights to all permission levels listed below. Toggling Deny refuses rights to all permission levels listed below. |
| /workflows/list | Allow or deny permission to access the list of available workflows. |
| /tasks/list | Allow or deny permission to access the list of available tasks. |
| /processes/list | Allow or deny permission to access the list of available processes. |
| /conditions/list | Allow or deny permission to access the list of available events and conditions. |
| /folders/list | Allow or deny permission to access the list of available repository folders. |
| /users/list | Allow or deny permission to access the list of available users. |
| /user_groups/list | Allow or deny permission to access the list of available user groups. |
| /agents/list | Allow or deny permission to access the list of available agents. |
| /agents_groups/list | Allow or deny permission to access the list of available agent groups. |
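
The conflict rule in the note above and the Full Control row can be modeled to audit a planned permission layout before entering it in the console. This is an added example, not Automate's own code: the user and group names are constructed, and treating a list with no setting at all as denied is an assumption the page does not state.

```python
# Added illustration: a model of the documented rules, not Automate's own code.
API_LISTS = [
    "/workflows/list", "/tasks/list", "/processes/list", "/conditions/list",
    "/folders/list", "/users/list", "/user_groups/list", "/agents/list",
    "/agents_groups/list",
]
FULL_CONTROL = "Full Control"


def expand(grants):
    """Expand one principal's settings; Full Control covers every API list."""
    expanded = {}
    for permission, decision in grants.items():
        if permission != FULL_CONTROL and permission not in API_LISTS:
            raise ValueError(f"unknown permission: {permission}")
        targets = API_LISTS if permission == FULL_CONTROL else [permission]
        for target in targets:
            expanded.setdefault(target, set()).add(decision)
    return expanded


def effective_permissions(user, memberships, assignments):
    """Return {api_list: 'allow'|'deny'} for a user across their groups.

    Conflicts resolve to least privilege: any deny beats any allow.
    Assumption: a list with no setting at all is treated as denied.
    """
    principals = [user] + memberships.get(user, [])
    decisions = {api: set() for api in API_LISTS}
    for principal in principals:
        for api, found in expand(assignments.get(principal, {})).items():
            decisions[api] |= found
    return {
        api: "allow" if found == {"allow"} else "deny"
        for api, found in decisions.items()
    }


# Constructed sample data: names and group layout are hypothetical.
MEMBERSHIPS = {"alice": ["Contractors"], "bob": []}
ASSIGNMENTS = {
    "alice": {"/workflows/list": "allow", "/tasks/list": "allow"},
    "bob": {FULL_CONTROL: "allow"},
    "Contractors": {"/workflows/list": "deny"},
}

if __name__ == "__main__":
    for name in MEMBERSHIPS:
        print(name, effective_permissions(name, MEMBERSHIPS, ASSIGNMENTS))
```

In the sample, alice loses /workflows/list because her group's Deny overrides her individual Allow, which is the case the note describes.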