wheelbta.blogg.se - Sciencelogic em7 api

User accounts are granted access to their own user account information through the following resource: View details about a locked-out user account. The /access_lock resource supports the following methods: Action

X-EM7-info-message: Authentication temporarily locked due to too many failed authentication attemptsĪccount lockouts can be removed via the API using the /access_lock resource. X-EM7-status-message: Authentication failed due to lock While a user account is locked out, API requests specifying that user will return an HTTP 403 status code with the following ScienceLogic-specific header values: Choices are 1 hour through 24 hours, in one-hour increments. Specifies how long a user will be locked out of the user interface. All login attempts by the username will be denied. All login attempts by the username from the IP address will be denied. All login attempts from the IP address will be denied. In this field, you can select how the lockout will be applied. If a user enters incorrect login information multiple times in a row, that user will be locked out of the user interface. Number of times a user can supply incorrect login information (i.e., the number of consecutive API requests with an incorrect password before a lockout occurs). The following settings in the Behavior Settings page ( System > Settings > Behavior) control account lockouts: The account lockout functionality applies to API requests (i.e., if an incorrect password is specified in multiple, sequential API requests for a valid user account, the user account will be locked out).

User accounts that use a SAML provider for authentication cannot perform API requests unless the authentication profile for that user also includes an EM7 Internal or AD/LDAP authentication resource. For more information on the access permissions system in SL1, see the Access Permissions section. The following sections describe how the access permissions system applies to the API. The following API-specific access hooks have been deprecated and removed from SL1: API: Resource Indexes, API: Server Access, API: Virtual Device. NOTE: The new user interface architecture requires API access for all users API access is automatically granted to users.

Device groups and dashboards can be configured so that a user must be granted a specific access key to use that device group or dashboard.

Users of type "Administrator" can perform all actions on all resources, regardless of organization membership.

Entities are either explicitly aligned with organizations, aligned with organizations based on the user that created the entity, or are not aligned with an organization.

A user can interact only with entities associated with their organizations.

User access to the API is controlled in the same way user access to the Administration Portal is controlled: