Creating Custom Users to Perform apictl Operations¶
To perform tasks using the WSO2 API Controller (apictl), a particular user must have required scopes. From WSO2 API Manager (WSO2 API-M) 3.2.0 onwards, a new role named
Internal/devops has been introduced who has the ability to perform all the apictl related operations. You just need to create a new user (Refer Adding a new User to learn about adding new users), assign the role
Internal/devops and use that user to perform the apictl operations.
Minimal permissions and scopes required to perform apictl operations¶
Further, you can create your own custom user with a custom role to perform specific set of apictl operations. Refer the below table to learn about the required scopes that are needed for each of the apictl operation.
Steps to create a custom user with a custom role for your need
- As shown in Create user roles section, you can create your own custom user role by assigning scopes that are required to perform a particular set of apictl operations by referring the table below.
- Then, create a user as explained in Adding a new User, by assigning the custom role that you created in the above step, to that user.
- Now you can login to apictl (using
apictl login <env-name>command) and perform the particular set of operations as per your need.
get api-loggingcommand can be executed only with a user who has super admin permissions.
|import api policy||apim:policies_import_export|
|export api policy||apim:policies_import_export|