ASM API Permissions/Passwords

book

Article ID: 224278

calendar_today

Updated On:

Products

CA App Synthetic Monitor

Issue/Introduction

1) With the v3 api , is it possible to restrict users accessing the api? (Set permissions)
2) how do you set up the api password if SSO is enabled.

Environment

Release : SAAS

Component :

Resolution

Answers from Engineering

1) No. APIv3 is available to all users who have access to ASM. However, users can perform only actions they can in the UI (everything is permission driven). In the future, the whole UI ASM application could be built on top of the APIv3 - all the logic will be moved from UI application to the APIv3.
2) There are 3 ways of authentication for APIs:
   a) old API credentials. The same credentials you use for the old API, can be changed in the UI, even for SSO authenticated users. This could be removed in a future release.
   b) API token
   c) OAuth2 token (
For now, you need the old API credentials or your UI access token (from cookies) to create tokens 2b and 2c. In the future, there could be a frontend application for token management.