Missing permissions for API Manager in sysadmin adminRole (?)

m.hnat · 16 November 2023 13:53

I created a security user and added it to a user group with sysadmin role.
But the apimanager permission is missing?

Is there a reason for this or just a mistake?

settings.adminRoles.sysadmin = [ 
	"cms.access",
	"usermanager.*",
	"groupmanager.*",
	"systemConfiguration.*",
	"presideobject.security_user.*",
	"presideobject.security_group.*",
	"websiteBenefitsManager.*",
	"websiteUserManager.*",
	"sites.*",
	"presideobject.links.*",
	"notifications.*",
	"passwordPolicyManager.*",
	"urlRedirects.*",
	"systemInformation.*",
	"taskmanager.navigate",
	"taskmanager.viewlogs",
	"auditTrail.*",
	"rulesEngine.*",
	"emailCenter.*",
	"!emailCenter.queue.*",
	"savedExport.*",
	"formbuilder.*",
	"formquestions.*" 
];

Best
Michi

seb · 16 November 2023 23:38

It may be deliberate - Dom may be able to confirm.

By default, only the sysadmin (super) user has the permission (not users with sysadmin role).

If it’s not given by default to the sysadmin role, it might be an idea to create a separate APiManager role just for this…

m.hnat · 17 November 2023 10:43

The (valid) customer question was: “Why don’t I have access there even as a Sysadmin user (defined by the group)?”
That’s the reason for my question.
A separate API User Role would be really helpful. In my case I have a user who should manage API authentications.

Thanks, Michi

dominic.watson · 17 November 2023 10:56

I think it should be added. The decision at the time may have been to make this super user only by default. But time has passed and clearly that is no longer relevant or correct.

Of course, you are free to add a role to your application in the mean time