Managing users and roles
Learn about users, roles, and their privileges in API Connect for GraphQL as a Service, and how to manage.
API Connect for GraphQL as a Service now supports centralized user management through IBM SaaS Console. This enables environment-based access control, role assignment, and key isolation for each user, improving collaboration and security.
Instance-level access
For managing the users and roles, you can use the Access Management feature in the IBM SaaS Console. To know more about managing SaaS user accounts, check Managing SaaS accounts in the IBM SaaS Console documentation.
| API Connect for GraphQL as a Service Custom Role | IBM SaaS Console Role | ||||
|---|---|---|---|---|---|
| Description | APICGQL administrator | APICGQL developer | Service owner | Service admin | Service user |
| Access API Connect for GraphQL admin key and API key | Yes | ||||
| Deploy GraphQL SDL in API Connect for GraphQL environment | Yes | Yes | Yes | Yes | Yes |
| List endpoints in API Connect for GraphQL environment | Yes | Yes | Yes | Yes | Yes |
| Delete an endpoint from API Connect for GraphQL environment | Yes | Yes | Yes | ||
| Make a request to an endpoint | Yes | Yes | Yes | Yes | Yes |
| Get endpoint's schema and configuration | Yes | Yes | Yes | Yes | Yes |
| Get the analytics for API Connect for GraphQL environment | Yes | Yes | Yes | ||
Creating API keys
You can create an API key for your API Connect for GraphQL environment using the IBM SaaS Console. For
more details, see Creating API keys in the IBM SaaS Console
documentation.
Note: To create an API key using the IBM SaaS Console, you must have at least the
Service admin or Service user role.
Using the generated API key, you can log into API Connect for GraphQL. For more details, see stepzen login using instance ID.