Authentication and security for APIs and requests

APIs use credential-based authentication. You must have a valid user ID and password to access APIs.

To control access to APIs, Administrators create accounts that have a user name, a role, and an associated password.

The role defines the level of access granted to users under that account. BMC Real End User Experience Monitoring Software Edition offers the following predefined roles:

 

User roles and access permissions

User role

Description

Security

Provides access to sensitive configurations, such as private key management, enabling and disabling the transaction capture, and configuring data confidentiality policies.

The Security role is given to a system administrator, who could perform the following tasks:

  • Install BMC Application Diagnostics Server (Portal and Collectors), and Agents.
  • Monitor system components status.
  • Manage system configurations.
AdministratorProvides access to all functions of the system that are not related to security. This role exists primarily for account management purposes.
Operator

Provides access to all features that the Administrator role has except for account management. This role exists for device and data management purposes.

The Operator or Observer role is given to application support personnel or application developers, who could perform the following tasks:

  • Identify which application tier and components are responsible for application outages.
  • Identify which application transactions are slow or not meeting SLA.
  • Identify which application components did a specific transaction traverse.
  • Identify what is causing a slowdown in the application transaction.
  • Determine if any application servers are experiencing performance issues.
  • Identify which users are impacted by the transaction slowdowns or outages.
Observer

In BMC Application Diagnostics, the Observer role is the same as the Operator role.

When integrated with BMC Real End User Experience Monitoring, the Observer role provides access to the web interface, but users with this role cannot make any configuration changes other than to save query settings. The permissions of this role are sufficient to perform day-to-day tasks.

ExportProvides no access to the web interface and is limited to downloading data via data export APIs.

The following table shows access levels for each role.

Roles and permissions matrix

Permission →


Role ↓

Security
settings
access

Accounts
access

Overall
configuration
access

Web
interface
access

Data
download

Security

Administrator

Operator

Observer

Export

Related topics

Analyzer user accounts and roles

Enabling the API functionality

Was this page helpful? Yes No Submitting... Thank you

Comments