Controlling Access to the Administrator API

Integration Server 10.15 | Integration Server Administrator's Guide | Integration Server Administrator API | Controlling Access to the Administrator API

Granting Users Read-Only Access to the Administrator API

Read-Only Administrator Access Changes in Integration Server Version 10.15

The Administrator API provides two levels of permissions:

Administrators, that is members of the Administrators group have full access to the Administrator API. Users who belong to the Administrators group may perform all CRUD operations and administrative actions.

Read-only administrators who may only issue GET requests.

If a read-only administrator uses any other HTTP method in the Administrator API, the server rejects the request with a 403 status code. Local users are read-only administrators when they are members of the ReadOnlyAdministrators group. Users defined in Common Directory Services are read-only administrators when the group to which the user belongs is a member of the Allowed list for the ReadOnlyAdministrator ACL.

Note:
If a client who is not an administrator or a read-only administrator issues an Administrator API request, the server rejects the request with a 403 status code. Integration Server allows all users to access the OpenAPI file for a product using the GET /admin/swagger/productName operation.