Configure provisioning API
The Provisioning API Configuration allows an administrator to control the type of vault provisioning requests available to users through the storage APIs (SOH, S3, and so on).
Provisioning user actions are disabled by default but can be set to Create Only (Delete by system administrator via Manager Web Interface or Manager REST API) or Create and Delete.
Use of the Provisioning API to create a vault requires the following.
- Provisioning API is enabled (Use the Settings tab and navigate to ) - Create Only or Create and Delete.
- Target user account is given the Vault Provisioner role () or (). See Roles.
- The system must be in vault mode. In container mode, the Provisioning API is enabled by default and is used for creating/deleting containers instead of vaults.
The Owner option for vault authorization (Vaults) is inherited when a vault is created through the provisioning API. It can also be assigned by the Security Officer. This option must be set for deletion by the user.
If the Provisioning API is disabled and never enabled, the Owner option still exists for the vault-account permission association. If the Provisioning API is disabled, no difference between the Owner option and the read/write option.