How can we provide a user with REST access to both Performance Management and Data Aggregator REST web services. The user should not also have access to the Performance Management UI.
Internal requirements demand a user with REST access, while the user is unable to access the Performance Management web user interface.
All supported Performance Management releases
This is specific to Performance Center REST based web services that require user authorization. This requires both an Administrative Role and a User. The key to this user having REST web services access without web UI access, is the creation of an empty or permissionless Role.
This doesn't apply to Data Aggregator REST based web services, which with the exception of the Data Aggregator based OpenAPI OData services, do not require user authentication.
Note that there is no Read-Only vs Read-Write control in Performance Management REST web services overall. Users with REST access but not UI access will still be able to implement changes via REST web services.
To set up the required User and Role:
After 200 Success for the PUT REST call, we can use the following URL in a browser to validate the new Role is now listed as an Administrative role.
Note: When creating the new user, if assigning it only the Collections group tree, the user will be able to only see Devices. If the user should also see Interface and Component items as well, add the All Groups group to the users access.