Manage Admin Users

You can manage user administration access to API Creator, such as developing APIs, adding, editing, and deleting admin accounts, and assigning roles. This page is focused on admin security, using the built-in authentication provider, which is a user management system for development.

As for application security, authentication can occur in one of the following ways:

  • Add users and assign their roles using the built-in authentication provider, as shown on this page.
  • (Advanced users) Define users and their roles using a custom authentication provider. You can define users and their roles using your organizations' user list (Lightweight Directory Access Protocol (LDAP), Active Directory (AD)).
For more information:
  • About application security, particularly the differences between admin and application security, see Security.
  • About how to authorize users in your organization by defining an admin authentication provider, see Admin Authentication Providers.

Add and Delete Admin Users

  1. In API Creator, from the gear, select Your account.
    The Admin Users, User info tab opens. The following image shows the gear:
  2. Click Add (or Delete).
  3. Define the fields and save your changes.

Assign Admin User's Roles

  1. In API Creator, from the gear, select Your account.
    The Admin Users, User info tab opens.
  2. Click the Roles tab.
  3. Assign one of the following roles to the admin user and then save your changes:
    Account Admin

Assigns full access to/edit APIs and their settings.

Account Reader

Assigns read-only access information in their account.

Add Users using the Built-in Authentication Provider

You can add users using the built-in authentication provider. The users you add using this authentication provider are stored in the Admin database.

For more information about adding users using the built-in authentication provider, either using API Creator or programmatically, see Manage Users using the Built-in Authentication Provider.

Add Authorized Users using the Built-in Authentication Provider

You can add authorized users for your API using the built-in authentication provider. This authentication provider validates a user's logon credentials to Data Explorer or specific REST API endpoints.

For more information about the built-in authentication provider, including how to use it, see Authentication.

  1. With your API open, go to Manage, Users, User info tab and click Add.
  2. Modify the following fields and then save your changes:
User name

The user's username.

Full name

The full name for the user.

Password

The user's password.

Show password

Specifies whether to show the characters entered for the password or to hide the password.

Email

The login ID that corresponds to this auth token. Set this if you associate auth tokens with named users. If you do provide a value, we recommend a name that is clearly different from an actual user's identifier.

Lifespan

Define the lifespan for this user in days, hours, and minutes.

Status

The user's status.

The user is added.

Define a User's Role

A user can have one or more roles. The following image shows the Account Admin and Account Reader roles selected for the admin user Val on the Manage, Users, Roles tab. Observe that the user Val can access APIs but not managed databases.

Define a User's Globals

A user's globals is a comma-separated lists of values that apply only to this user (for example, deptNo=US Sales,email=alpha@test.com). You can access these values in JavaScript rules.

The following image shows the Manage, Users, Globals tab: