User Admin Role in APIGEE

Not applicable

Hi All,

I know that the user administration can be done by org admin role in APIGEE.

Is it possible to create a User Admin role which can handle user/role administration specific tasks (Adding/Deleting users to a role) only as Org Admain has many more privileges?

I tried achieving this with Management APIs but not able to do it.

Thanks in advance!!

Solved Solved
1 3 583
1 ACCEPTED SOLUTION

Not applicable

Finally I managed to create a user admin role.

Following are the steps I followed to create user admin role:

1. Created User Admin Role from Edge UI (without giving access to any of the resource.)

2. Added permission to following resource with this management api.

	{
            "organization": "orgname",
            "path": "/userroles",
            "permissions": [
                "get",
                "put"
            ]
        },
        {
            "organization": "orgname",
            "path": "/userroles/*/permissions",
            "permissions": [
                "get",
                "put"
            ]
        }

3. Added a user to User Admin Role with org admin's credential.

Now I have to figure out how can I achieve step 1 and 2 in one single API call. I am not able to find out minimum required permissions that a user role should have.

Thanks.

View solution in original post

3 REPLIES 3

Not applicable

Finally I managed to create a user admin role.

Following are the steps I followed to create user admin role:

1. Created User Admin Role from Edge UI (without giving access to any of the resource.)

2. Added permission to following resource with this management api.

	{
            "organization": "orgname",
            "path": "/userroles",
            "permissions": [
                "get",
                "put"
            ]
        },
        {
            "organization": "orgname",
            "path": "/userroles/*/permissions",
            "permissions": [
                "get",
                "put"
            ]
        }

3. Added a user to User Admin Role with org admin's credential.

Now I have to figure out how can I achieve step 1 and 2 in one single API call. I am not able to find out minimum required permissions that a user role should have.

Thanks.

Thank you @Vipul Agarwal for sharing the solution with community !! +1

Hi @Vipul Agarwal, thanks for your post! We're facing a similar issue here with our OPDK installation. Namely, we need an Admin for Users and Analytics. Your solution works fine for us, when using the management api. Users with the "User Admin" role can manipulate roles via the management API. Nonetheless, when logging into Edge UI with a "User Admin"-Account, the Menu Item "Admin" is missing. Hence, our User Admins can't change roles in Edge UI. Do you face the same problem? @Anil Sagar @ Google What do we have to do, so the Admin menu item is displayed? Thanks and best regards