Configure authentication for the administrative API in PingAccess.
For more information on the PingAccess Administrative API, see Administrative API Endpoints.
You can configure roles for Administrative API users. Each role grants access to specific features.
- The Administrator role has full read and write access to the Admin API, unless
the Platform Administrator role is enabled. If the Platform Administrator role
is enabled, the Administrator only has read access to the Admin API endpoints
under the
/auth
,/users
, and/environment
paths, and has both read and write access to all other endpoints. - The Platform Administrator role has full read and write access to the Admin API. This role can be used with the Administrator role to grant full access to most features without the possibility of accidental lockout, with only the Platform Administrator able to change authorization configurations.
- The Auditor role has read access to all Admin API endpoints except for the
/config/*
,/backup/
, and/agent/*/config/
endpoints.