Creating Custom Users to Perform apictl Operations¶
To perform tasks using the WSO2 API Controller (apictl), a particular user must have required permissions and scopes. From WSO2 API Manager (WSO2 API-M) 3.2.0 onwards, a new role named
Internal/devops has been introduced who has the ability to perform all the apictl related operations. You just need to create a new user (Refer Adding a new User to learn about adding new users), assign the role
Internal/devops and use that user to perform the apictl operations.
Minimal permissions and scopes required to perform apictl operations¶
Further, you can create your own custom user with a custom role to perform specific set of apictl operations. Refer the below table to learn about the required permissions and scopes that are needed for each of the apictl operation.
Steps to create a custom user with a custom role for your need
- As shown in Create user roles section, you can create your own custom user role by assigning permissions and scopes that are required to perform a particular set of apictl operations by referring the table below.
- Then, create a user as explained in Adding a new User, by assigning the custom role that you created in the above step, to that user.
- Now you can login to apictl (using
apictl login <env-name>command) and perform the particular set of operations as per your need.
|Operation||Minimal Permissions||Minimal Scopes|
|login||API Create or API Publish or API Subscribe||-|
|logout||API Create or API Publish or API Subscribe||-|
|get APIs||API Create or API Publish or API Subscribe||apim:api_import_export|
|delete API||API Create||apim:api_import_export|
|change-status API||API Publish||apim:api_import_export|
|import api||API Create to import an API in CREATED state,
Both API Create and API Publish to import an API in PUBLISHED state
|delete api-product||API Publish||apim:api_product_import_export|
|import api-product||API Publish||apim:api_product_import_export|
|delete app||API Subscribe||apim:app_import_export|
|import app||API Subscribe||apim:app_import_export|
|get keys||API Subscribe||apim:app_manage,