Controlling Access to the Administrator API

Software AG Products 10.11 | Administering Integration Server | Integration Server Administrator API | Controlling Access to the Administrator API

Creating a Read-Only Administrators Group

The Administrator API provides two levels of permissions:

Administrators, that is members of the Administrators group have full access to the Administrator API. Users who belong to the Administrators group may perform all CRUD operations and administrative actions.

Read-only administrators who may only issue GET requests.

If a read-only administrator uses any other HTTP method in the Administrator API, the server rejects the request with a 403 status code. Read-only administrators belong to a user group that is assigned to the watt.adminapi.group.readOnly server configuration parameter.

Note:
If a client who is not an administrator or a read-only administrator issues an Administrator API request, the server rejects the request with a 403 status code.