ABS users for API reports - PingIntelligence for APIs

ABS users for API reports - PingIntelligence for APIs - 4.4

PingIntelligence

bundle

pingintelligence-44

ft:publication_title

PingIntelligence

Product_Version_ce

PingIntelligence for APIs 4.4

category

APISecurity

AdvancedAPICybersecurity

Capability

Environment

Product

apisecurity

capability

linux

pi-44

pingintelligence

private

ContentType_ce

Page created: 6 Nov 2020 |

Page updated: 12 May 2021

| 1 min read

4.4 Capability API Security Advanced API Cybersecurity Linux On-Premises Operating System Hosting Environment PingIntelligence for APIs Product Administration User task

ABS has two type of users to access the API reports and PingIntelligence for APIs Dashboard. The API reports displayed is based on the type of user accessing the reports. The two users are:

Admin user: An Admin user has complete access to API reports. All the cookies, tokens, API keys, and Username are visible in the reports. Use the following headers in the API report URL to access API reports as an Admin user:
- x-abs-ak (access key header)
- x-abs-sk (secret key header)
Restricted user: A Restricted user has limited access to the API reports. The Restricted user can view the API reports however the cookies, tokens, and API keys are obfuscated. Use the following headers in the API report URL to access API reports as an Admin user:
- x-abs-ak-ru (access key header)
- x-abs-sk-ru (secret key header)
The restricted user can access all the API Reports except:
- Threshold API
- Cookie, OAuth2 Token, IP, API Key, and Username Forensics APIs

For a complete list of external REST APIs, see ABS External REST APIs.

The default access and secret key are configured in the opt/pingidentity/mongo/abs_init.js file. Following is a snippet of the abs_init.js showing the default passwords for both type of users.

db.auth_info.insert({
 "access_key": "abs_ak",
 "secret_key": "abs_sk",
 "access_key_ru" : "abs_ak_ru",
 "secret_key_ru" : "abs_sk_ru"
});