...
- Log in to the Management Console (https://localhost:9443/carbon) and select Users and Roles under theConfiguremenu. For instructions on accessing the Management Console, see Running the Product.
- In the User Management page that opens, click Roles and Add New Role link.
Table of Contents maxLevel 4 minLevel 4 Adding the
creatorrole - Add user roles role as
creatorand click Next. . The Domain drop-down list contains all user stores configured for this product instance. By default, you only have the PRIMARY user store. To configure secondary user stores, see Configuring Secondary User Stores.
- Give the following privileges to the creator role. You can select them from the list of permissions that appears.
- Configure > Governance and all underlying permissions.
- Login
- Manage > API > Create
- Manage > Resources > Govern and all underlying permissions
Any user with the above permissions assigned is able to create, update and manage APIs using the API Publisher Web interface.
- Click Finish once you are done adding permission. The role will be listed in the Roles window as follows:
From here, you can rename, edit, delete or assign users to the role.
Adding
...
the
publisher
...
role
...
- In the Add Role
...
- page, add user role as publisher and click Next.
...
...
- The Domain drop-down list contains all user stores configured for this product instance. By default, you only have the PRIMARY user store. To configure secondary user stores, see Configuring Secondary User Stores.
- Give the following privileges to the publisher role by selecting them from the list of permissions that appears.
- Login
- Manage > API > Publish
...
Any user with the above permissions assigned is able to manage the API's life cycle using the API Publisher Web interface.
...
- Click Finish once you are done adding permission. The role will be listed in the Roles window as follows:
...
From here, you can rename, edit, delete or assign users to the role.
The
...
default
subscriber
...
role
When you first log in to the Management Console, you can see the subscriber role already there, defined out of the box. The reason is because API Manager assigns this default subscriber role to all users
...
who self-register to the API Store.
Follow the instructions below
...
to create a different role with the same permission levels.
...
- In the Add Role window, add a suitable name for the role and click Next. For example,
...
...
- Give the following privileges to the new role.
- Login
- Manage > API > Subscribe
Any user with the above permissions assigned is able to log in to the API Store and perform operations on the published APIs.
...
- Click Finish once you are done adding permission. The role will be listed in the Roles window.
...
- Open
<APIM_HOME>/repository/conf/api-manager.xmlfile and edit the<SelfSignUp>element to reflect the newly added role. For example,Code Block language html/xml <SelfSignUp> <Enabled>true</Enabled> <SubscriberRoleName>NewSubscriber</SubscriberRoleName> <CreateSubscriberRole>true</CreateSubscriberRole> </SelfSignUp>Editing this file ensures that all users who self-sign-up to API Store are automatically assigned
...
the
NewSubscriber
...
role.
Info title Info The <CreateSubscriberRole> parameter specifies whether the subscriber role should be created in the local user store or not. It is only used when the API subscribers are authenticated against the local user store. That means the local Carbon server is acting as the AuthManager.
Set this parameter to false if a remote Carbon server acts as the AuthManager.