mirror of https://github.com/Icinga/icinga2.git
clarify the permision system of the api in the docs
Clarify that the permission system used by the api isn't equivalent with the system used by the Icinga Web 2 frontend. And that its rather based on the url scheme of the API endpoints.
This commit is contained in:
parent
592fb22c7f
commit
1f681e195d
|
@ -196,13 +196,15 @@ actions on the URL endpoints.
|
||||||
|
|
||||||
Permissions for API users must be specified in the `permissions` attribute
|
Permissions for API users must be specified in the `permissions` attribute
|
||||||
as array. The array items can be a list of permission strings with wildcard
|
as array. The array items can be a list of permission strings with wildcard
|
||||||
matches.
|
matches. Please notice, that the permission system that is used by the API differs from the permission system used by the Icinga Web 2 frontend or other parts of Icinga 2.
|
||||||
|
|
||||||
|
The permission system mainly relies on the url scheme of the API endpoints (See listing below).
|
||||||
|
|
||||||
Example for an API user with all permissions:
|
Example for an API user with all permissions:
|
||||||
|
|
||||||
permissions = [ "*" ]
|
permissions = [ "*" ]
|
||||||
|
|
||||||
Note that you can use wildcards. Here's another example that only allows the user
|
Note that you can use wildcards to include all possible hierarchically lower items. Here's another example that only allows the user
|
||||||
to perform read-only object queries for hosts and services:
|
to perform read-only object queries for hosts and services:
|
||||||
|
|
||||||
permissions = [ "objects/query/Host", "objects/query/Service" ]
|
permissions = [ "objects/query/Host", "objects/query/Service" ]
|
||||||
|
|
Loading…
Reference in New Issue