Questions Re: API key permissions for MSP

  • 6 December 2018
  • 1 reply

Badge +1
Background: I work for an MSP in a sysadmin role so please forgive my limited dev skills. I'm looking at using the Unity API to integrate Webroot endpoint data into a LOB application. I have experience with making REST API calls via PowerShell to set custom properties and variables based on response data. 
I can create an API key in our GSM, but I'm not seeing any options to restrict the key to specific sites, datasets, read-only, etc permissions. Ideally, I'd like to limit key permissions to only allow a specific user account to make 'GET SkyStatus' calls to endpoints in a single site. If possible, I'd also like to restrict API key usage to a specific IP address.
Can anyone provide further guidance on hardening GSM console security when using the Unity API?

1 reply

Userlevel 4
Badge +11
Hi, so if you look at auth on Unity there are 2 groups of credentials sent, the API account and the GSM console user account. When going through Auth it's the GSM cosole user permissions that determine access. If you want different access setup more GSM Console users for each site.
Does that make sense?