Hi,
As I'm having product level admin access for launch/analytics. One of our user requesting me to provide API level admin access to their team users(but purpose to provide only for one website dev/test/global report suite's). I don't find any separate feature to provide API level access. All i'm able to create profile and provide the necessary access. (all I want to give specific report suite/property access).
Is there anything specific things to be done for API level access?
Thanks
Solved! Go to Solution.
Views
Replies
Total Likes
Hi @prathap08,
If I have understood your requirement correctly, you want to give the user the API access but to a specific report suite. So, my suggestion will be to provide Developer access by referring to the below link.
Link: https://helpx.adobe.com/in/enterprise/using/manage-developers.html
After providing the developer access, create a service account integration & assign the product profile to your integration that has access only to the specific report suite to which you want to give the access. For more information on Service Account Integration, you can refer to the below documentation link.
Link: https://www.adobe.io/apis/experienceplatform/console/docs.html#!AdobeDocs/adobeio-console/master/ser...
Note: Even though the above link shows the access to Adobe Campaign but you can add access to other APIs as well.
Hope this helps.
Regards,
Abhinav
Views
Replies
Total Likes
To work with Analytics 2.0 APIs on the Adobe I/O Console, you need to have System Admin rights or developer permissions for your organization. For developer roles, you can refer to this help document: https://helpx.adobe.com/enterprise/using/manage-developers.html
Views
Replies
Total Likes
Hi @prathap08,
If I have understood your requirement correctly, you want to give the user the API access but to a specific report suite. So, my suggestion will be to provide Developer access by referring to the below link.
Link: https://helpx.adobe.com/in/enterprise/using/manage-developers.html
After providing the developer access, create a service account integration & assign the product profile to your integration that has access only to the specific report suite to which you want to give the access. For more information on Service Account Integration, you can refer to the below documentation link.
Link: https://www.adobe.io/apis/experienceplatform/console/docs.html#!AdobeDocs/adobeio-console/master/ser...
Note: Even though the above link shows the access to Adobe Campaign but you can add access to other APIs as well.
Hope this helps.
Regards,
Abhinav
Views
Replies
Total Likes
Hi @prathap08 ,
It depends on how much control over their own integration you want to share with that team. You have roughly four options:
1. For v1.4 API (which is completely tied to that user's login/permission scope), you need to give them "Web Service Access" through some AA product profile. Then provide the user their credentials from Analytics > Admin > All Admin > Web Services.
2. Give them full "Developer" permissions within the Admin Console (under Users > Developers). This lets them setup and maintain pretty much any v2.0 integration, but they may still need System Admin permissions to use User Management API or Privacy API.
3. Create a specific product profile which just contains the report suites/dimensions/metrics you want them to access data from, and, from the product profile, set them as a developer. Now when they maintain their own v2.0 integration within the I/O console, they can only select Analytics API and only the profile you've specified. (Be sure to appropriately name and set a description for this profile since, to other sys admins, it may appear unused with no users)
4. Create the v2.0 API yourself in the I/O console. Make it either OAuth based, and so they just need access to that report suite from their own user account, or make it JWT using a product profile that only has access to that report suite. It is sufficient to just provide the credentials from that project.
For option 4, it is important to note with JWT that the public-private certificates uploaded for authentication have an expiration date. If you are maintaining the project yourself, you will need to be mindful if the certificate is about to expire and if it will impact their workflow.
In this case, it sounds like option 3 is what you actually want.
Views
Replies
Total Likes
As you mentioned above, I have given OPTION 3. They are all good now.
Views
Replies
Total Likes