API permissions

RESTful knowledge exchange

API permissions

Veeam Logoby rvvliet78 » Wed May 03, 2017 2:12 pm


I would like to submit a feature in the permissions of the rest API.

In our environment we have an Infra team who are responsible for the backup servers and they configure the jobs and we have Teams dedicated to serving customers. As each customer team has their own monitoring server they would like to use the Rest API to get the latest job status and failed jobs and stuff.

At the moment this information is only available with a user within Veeam that has full Admin permissions. If I give the teams a user account with admin permissions they can potentially remove jobs for other teams or restore VM's from other teams.
Some of our customers have sensitive data that the team serving them is only allowed to access, if someone from another team can change his permissions via the api they can access this data which will cause ISO certification issues.

It is however not a problem for them to see if jobs of other teams are successfull or fail so a "Read-only" permission would be more then sufficient.

Kind Regards,

Posts: 3
Liked: never
Joined: Wed Apr 26, 2017 9:43 am
Full Name: Rick van Vliet

[MERGED] Minimum permission required?

Veeam Logoby dhc » Mon Feb 12, 2018 1:24 pm

I would like to use the REST API in a read-only mode except for the required POST to get the access token. What is the minimum permission required so that I can read elements like /backups/{id}, /restorepoints and /cloud/tenants? Does it have to the 'Admin' or is there some lesser permission role?

Posts: 1
Liked: never
Joined: Wed Feb 07, 2018 2:17 pm
Full Name: David Haynes

Re: API permissions

Veeam Logoby v.Eremin » Mon Feb 12, 2018 2:29 pm

Currently only users with Admin permissions can operate with RESTful APIs, but consider your feature request noted. Thanks.
Veeam Software
Posts: 14360
Liked: 1075 times
Joined: Fri Oct 26, 2012 3:28 pm
Full Name: Vladimir Eremin

Re: API permissions

Veeam Logoby benyoung » Wed Feb 28, 2018 2:26 am

We do a similar thing here in our multi tenant environment - achieving this by effectively fronting the veeam environment via our own API - as we do with the other systems, vCenter, Fortinet etc

Although it is a bit of work you can control exactly what you want people to access as well as augment that information with other data sources if required and quite often we have our schema different by prefetching other related data from veeam at the same time, such as job sessions/restore point data to prevent multiple calls having to be made if that is the intended use for the data
Service Provider
Posts: 43
Liked: 8 times
Joined: Wed May 25, 2016 3:29 am
Full Name: Ben Young

Return to RESTful API

Who is online

Users browsing this forum: No registered users and 1 guest