RESTful knowledge exchange
Post Reply
rvvliet78
Novice
Posts: 3
Liked: 1 time
Joined: Apr 26, 2017 9:43 am
Full Name: Rick van Vliet
Contact:

API permissions

Post by rvvliet78 » May 03, 2017 2:12 pm 1 person likes this post

Hi,

I would like to submit a feature in the permissions of the rest API.

In our environment we have an Infra team who are responsible for the backup servers and they configure the jobs and we have Teams dedicated to serving customers. As each customer team has their own monitoring server they would like to use the Rest API to get the latest job status and failed jobs and stuff.

At the moment this information is only available with a user within Veeam that has full Admin permissions. If I give the teams a user account with admin permissions they can potentially remove jobs for other teams or restore VM's from other teams.
Some of our customers have sensitive data that the team serving them is only allowed to access, if someone from another team can change his permissions via the api they can access this data which will cause ISO certification issues.

It is however not a problem for them to see if jobs of other teams are successfull or fail so a "Read-only" permission would be more then sufficient.

Kind Regards,

Rick

dhc
Service Provider
Posts: 2
Liked: never
Joined: Feb 07, 2018 2:17 pm
Full Name: David Haynes
Contact:

[MERGED] Minimum permission required?

Post by dhc » Feb 12, 2018 1:24 pm

I would like to use the REST API in a read-only mode except for the required POST to get the access token. What is the minimum permission required so that I can read elements like /backups/{id}, /restorepoints and /cloud/tenants? Does it have to the 'Admin' or is there some lesser permission role?

Thanks

veremin
Product Manager
Posts: 16554
Liked: 1379 times
Joined: Oct 26, 2012 3:28 pm
Full Name: Vladimir Eremin
Contact:

Re: API permissions

Post by veremin » Feb 12, 2018 2:29 pm

Currently only users with Admin permissions can operate with RESTful APIs, but consider your feature request noted. Thanks.

benyoung
Service Provider
Posts: 103
Liked: 23 times
Joined: May 25, 2016 3:29 am
Full Name: Ben Young
Contact:

Re: API permissions

Post by benyoung » Feb 28, 2018 2:26 am

We do a similar thing here in our multi tenant environment - achieving this by effectively fronting the veeam environment via our own API - as we do with the other systems, vCenter, Fortinet etc

Although it is a bit of work you can control exactly what you want people to access as well as augment that information with other data sources if required and quite often we have our schema different by prefetching other related data from veeam at the same time, such as job sessions/restore point data to prevent multiple calls having to be made if that is the intended use for the data

spine
Service Provider
Posts: 12
Liked: never
Joined: Mar 13, 2019 8:33 pm
Full Name: Steven Pine
Contact:

Re: API permissions

Post by spine » Mar 13, 2019 8:40 pm

Are there any updates to this question? We also are in need of multiple read only credentials to a variety of clients enterprise api portals.

nielsengelen
Veeam Software
Posts: 2587
Liked: 531 times
Joined: Jul 15, 2013 11:09 am
Full Name: Niels Engelen
Contact:

Re: API permissions

Post by nielsengelen » Mar 13, 2019 9:42 pm

Currently no update yet when this will be added however your feature request is noted.
VCP-DCV
Veeam Certified Architect (VMCA)
http://foonet.be

masonit
Service Provider
Posts: 212
Liked: 14 times
Joined: Oct 09, 2012 2:30 pm
Full Name: Magnus
Contact:

Re: API permissions

Post by masonit » Jun 05, 2019 1:21 pm

Hi

Think I have the same request as others in this thread.

I am doing some testing with Veeam vCloud self service portal and also its rest api. Api works fine as an administrator. But when trying to connect to Api using an vCloud tenant account. Then I can't connect. Shouldn't a vCloud tenant user be able to connect to Veeam self service rest api and manage their own jobs/backups/restore through rest api? In the same way as they can manage them using the web portal?

\Masonit

veremin
Product Manager
Posts: 16554
Liked: 1379 times
Joined: Oct 26, 2012 3:28 pm
Full Name: Vladimir Eremin
Contact:

Re: API permissions

Post by veremin » Jun 11, 2019 11:19 am

We have this functionality only for Cloud Connect Backup & Replication tenants.

Let's consider your post as a feature request for future product versions.

Thanks!

masonit
Service Provider
Posts: 212
Liked: 14 times
Joined: Oct 09, 2012 2:30 pm
Full Name: Magnus
Contact:

Re: API permissions

Post by masonit » Jun 13, 2019 2:09 pm

Please do. Big limitation when customer can create vCloud vms with api. But not backup.

\Masonit

veremin
Product Manager
Posts: 16554
Liked: 1379 times
Joined: Oct 26, 2012 3:28 pm
Full Name: Vladimir Eremin
Contact:

Re: API permissions

Post by veremin » Jun 13, 2019 4:16 pm

Got it, your voice has been heard. Thanks!

Post Reply

Who is online

Users browsing this forum: No registered users and 2 guests