If you have permission to edit roles in IBM®
API Connect, you can create custom
roles, and assign permissions, in a provider organization. You can create as many custom roles as
you want.
About this task
You create custom roles at the provider organization level; those roles are inherited by the
Catalogs and Spaces
in the provider organization. You can assign permissions at the provider organization, Catalog or
Space level.
For a description of the permissions, and details of the default user roles and default
permissions assigned to those roles, see API Connect user
roles.
Note: In API
Manager, the
Organization Owner role has full access and cannot be edited or deleted. All other roles, including
custom roles, can be deleted. If you delete a role, users lose that role. If a user loses that role,
their account remains in API
Manager, enabling you to add a
role to the user at a future date.
Procedure
To create a custom role, complete the following steps:
- In the navigation pane of the API
Manager user interface, click
Settings
- Click Roles, then click Add.
The Create a Role page opens.
-
Enter a role Title and an optional Summary. A
Name is entered automatically.
Note: The value in the
Name field is a single string that is used to identify
the role in
developer toolkit CLI
commands. The
Title is used for display.
To view the CLI commands to manage
roles, see the toolkit CLI reference documentation.
-
Use the check boxes to assign permissions to the new role.
- When you are finished, click Save.
-
To delete a role, click the options icon alongside the role that you want to delete, click Delete, then click
Delete again to confirm the role deletion.
Note:
- You can create and delete a role only at the provider organization level. You cannot create or
delete a role at the Catalog level. Nor can you create or delete a role at the Space
level.
You can, however, assign Catalog-specific permissions to the role; for details, see
Creating and configuring Catalogs.
You can also assign Space-specific
permissions; for details, see Managing user access in a Space; for more
information on Spaces, see Using syndication in API Connect.
- If you assign Product-Drafts or Api-Drafts
permissions to the role, these permissions are not inherited by the role in a Catalog or Space. These
permissions apply to working with draft Products and APIs in a provider organization and are not
relevant in a Catalog or Space.
Results
The custom role is created and assigned the permissions that
you selected.
What to do next
Assign the custom role to a user.