Integrating Cloud Applications on Software AG Hosted Environment : Integration Cloud : Access Profiles : Adding or Updating Access Profiles
Adding or Updating Access Profiles
Use the Access Profiles screen to create or edit profiles assigned to users.
To add or update an Access Profile
1. From the Integration Cloud navigation bar, go to Settings > Access Profiles.
2. Click Add New Access Profile to add a custom access profile or click Edit to modify an existing Access Profile.
3. On the Add New Access Profile or Update Access Profile > Access Profile Information tab, complete the following fields. Required fields are marked with an asterisk on the screen.
Field
Description
Name
Provide a name for the Access Profile. You can reference the profile by name when assigning it to a user.
Description
Provide a general description for the Access Profile.
4. On the Login IP Address Restrictions tab, complete the following fields:
Field
Description
IP Address Ranges
For extra security, enter ranges of IP addresses from which users are allowed to access the platform. If a user attempts to login from a computer on a network outside of the specified range, access to the platform is denied.
Note:  
A maximum of 25 IP address ranges can be specified. You can add, modify, and delete the entries. Accepted format is xxx.xxx.xxx.xxx - yyy.yyy.yyy.yyy, where xxx and yyy are numbers in the range 0-255 and xxx.xxx.xxx.xxx is less than or equal to yyy.yyy.yyy.yyy. To specify a single IP address, use the same IP address for the start and endpoint of the range: 192.168.1.1 - 192.168.1.1
When a user attempts to log in, the IP address of the system the request originated from is checked against the configured settings. If the address is in the allowed range, the user can continue the login process. Otherwise, login is denied. Access violations are recorded in the audit log, identifying both the user and the IP address from where the login attempt originated. Login restrictions do not apply to Customer Support logins.
5. On the Administrative Permissions tab, select the operations a user can perform in order to view, create, update, upgrade, administer, and delete permissions and to allow the user to customize selected aspects of the platform.
Field
Description
User and Ownership Controls
User Management - Select this option if you want to add, update, delete users, or assign users to Access Profiles.
Access Control - Select this option if you want to allow a user to modify Access Profiles, specify user application access rights, manage Access Profiles, or specify the password policy.
Manage Personal Setup - Select this option if you want to allow a user to modify the personal information.
Account Controls
Manage Company Capabilities - Select this option if you want to allow users to modify the company information.
Allow User Interface Access - Select this option if you want to allow users to log in to Integration Cloud and access the user interface. Clear this option if you want to deny users to access the user interface. Further, even if you clear this option, all users can still interact with Integration Cloud using REST interface calls.
Note:  
If the Allow User Interface Access permission is not enabled for a user and if the user is a Partner user, that user will still be able to perform on-premise tasks.
Data Management Controls
Manage Audit Log - Select this option if you want to allow users to view the Audit Log. If this option is enabled, the Audit Log page will be displayed. If not selected, the user will not be able to view the Audit log page. To view the Audit Log screen, from the Integration Cloud navigation bar, click Monitor > Audit Log.
Functional Controls
Select the required options under Stages, Advanced Security, Application, Accounts, Operations, Reference Data, Document Types, Integrations, Dashboard, and Container. You must select the required permissions to administer, access, create, update, upgrade, delete, execute, or deploy those functions.
Note:  
The Container tab and Container related Administrative permissions are available only if you have the required license for Containers.
6. On the Container tab, enter the names of the webMethods Integration Server Access Control List (ACL) groups separated by a comma, for example, Administrators, Developers, and so on. Users who are assigned to this Access Profile will also be now part of the Integration Server container user group (s) and can perform tasks allowed for those user groups. If you do not map an Access Profile to an Integration Server group, you will not be able to invoke Integration Server services. For information about user groups, see the Managing Users and Groups section in the webMethods Integration Server Administrator’s Guide.
Note:  
Integration Cloud Administrator profiles are not automatically assigned to the Integration Server Administrators ACL group. If you do not enter any user groups in the Container User Groups field, but have configured Integration Server in a way such that it needs to verify the ACL groups you have entered in the Container User Groups field while invoking services, you will not be able to run or invoke Integration Server services from Integration Cloud.
7. The API Management tab displays the API management permissions.
Note:  
Integration Cloud provides the user management capability for API Gateway. You can create and manage API Management Access Profiles provided you have the required API Gateway Cloud and/or API Portal Cloud licenses.
Field
Description
User and Ownership Controls
User Management - Select this option if you want to create and manage users.
Select the following Functional Controls based on your requirements:
Field
Description
Manage APIs
To create and manage APIs.
Activate/Deactivate APIs
To activate, deactivate and manage APIs.
Publish to API Portal
To publish assets to API Portal.
Manage Applications
To create and manage applications and register applications with the APIs. You cannot modify or delete an application if you are not the owner of the application.
Manage aliases
To create and manage aliases.
Manage Global Policies
To apply a global policy to all APIs or the selected set of APIs.
Activate/Deactivate Global Policies
To activate and deactivate global policies.
Manage Policy Templates
To apply one or more policy templates to an API.
Manage Threat Protection Policies
To prevent malicious attacks on applications that typically involve large, recursive payloads, and SQL injections.
Manage Packages and Plans
To create packages and plans, associate a plan with a package, and associate APIs with a package. In addition, you can view the list of packages, package details, APIs, and plans associated with the package.
Activate/Deactivate Packages
To activate and deactivate packages.
Import Assets
To import already exported APIs, application, policies, and aliases by selecting Username > Import in API Gateway.
Export Assets
To export assets to your local system.
Manage general administration configurations
To create and manage administration configurations.
View Administration Configurations
To view administration configurations.
Manage General Configurations
To manage general configurations.
Manage Security Configurations
To create and manage security configurations.
Manage Destination Configurations
To publish events and performance metrics data to the configured destinations.
Manage System Settings
To create and manage system settings.
Purge/Restore Runtime Events
To purge and restore events from the API Gateway store by setting the required date or duration in API Gateway.
Manage Service Result Cache
To manage caching of the results of API invocations depending on the caching criteria defined.
API Portal Administrator
To manage all API Portal administrative tasks.
API Portal Provider
To manage all API Portal provider tasks.
8. Click Apply.
Containers
Access Profiles
Audit Log
Users
Password Policies
Copyright © 2015- 2017 Software AG, Darmstadt, Germany.
Product LogoContact Support   |   Community   |   Feedback