josh2023's avatar
josh2023
Regular Visitor
10 months ago
Status:
New Idea

Create read-only admin role for REST API requests

Many of the REST API requests under /projects, /users, etc. require admin level permissions to execute.  The issue is if a user has admin level permissions they can also execute create, update and delete requests.  There are situations where management needs the ability to execute the GET requests associated to these admin level API for reporting purposes.  However, there is too much risk to give these users full admin privilages.

 

It would be beneficial if there was a "read-only" admin role that could be assigned to an account that would allow them to only execute the GET requests for these admin level REST API requests.

No CommentsBe the first to comment