The Adminapp REST API is accessible only to authenticated admin users with the appropriate rights.
See Authentication of REST requests for more information about request authentication.
Property Adminapp >> Access Control defines the authorization of an authenticated REST client in the Adminapp REST API.
The default access control plugin Role-based Access Control controls access to a large set of actions. Refer to the plugin documentation in the Config Editor for further details.
Supported services (see ADMIN-REST-API-REFERENCE for technical details) are:
Service | Description | Configuration Path in Config Editor |
|---|---|---|
User Management | Comprehensive user management services (add, delete, modify, list, search, etc.). Get login statistics, lock/unlock user accounts, set validity range, etc. | Adminapp >> Users |
Password and Authentication Token Management | Management of users' authentication tokens: assign tokens to users, order new tokens, see token details, edit token details, order letters, etc. Define active authentication token for users, edit token migration details, etc. | mainly in Adminapp >> Users >> Authentication Tokens (Credentials) also various properties in Adminapp >> Users |
Generic Token API | Custom REST services for custom authentication tokens or other user-related custom information can be added by configuring a "Generic Token Controller" plugin. | Adminapp >> Users > Authentication Tokens (Credentials): add a Generic Token Controller |
Token Management | Management of tokens independently of users (e.g. manage hardware OTP tokens, view Cronto token licenses). | Adminapp >> Tokens |
Technical Client Management | Manage technical clients (API clients). | Adminapp >> Technical Clients |
Maintenance Messages | Manage maintenance messages (list, add, delete, modify). | Adminapp >> Maintenance Messages |
SMS Service | Send an SMS message and get the delivery status. | Adminapp >> REST API Configuration >> SMS Service Settings |
Tech Client Management | List, Lock/Unlock, and Delete technical clients (API clients). Related to PSD2 features (see STET PSD2 with Airlock components, NextGenPSD2 (Berlin Group) with Airlock Secure Access Hub) | Adminapp >> Technical Clients |
To access user attributes through the Adminapp REST API interface, every attribute must be configured as a User Profile Item. This ensures that both GUI and REST API enforce the same access restrictions. To configure User Profile Items see Admin roles and user groups in Adminapp.