This documentation is for WSO2 API Manager 2.1.0. View documentation for the latest release.

All docs This doc

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Permission levelDescription of UI menus enabled
Admin

When the Admin permission node is selected, the following menus are enabled in the management console:

- User Store Management: This permission allows users to add new user stores and manage them with the management console. Note that only secondary user stores can be added using this option. For more details, see Configuring User Stores.
- Identity Providers: For details on how to use this option, see Adding and Configuring an Identity Provider.

- Additionally, all permissions listed under Admin in the permissions navigator are selected automatically.

Admin/Configure

When the Admin/Configure permission node is selected, the following menus are enabled in the management console:

-

 Main

 Main menu/PAP: For details on how to use this option, see Working with Entitlement.
-

 Main

 Main menu/PDP: For details on how to use this option, see Working with Entitlement.
Configure menu/Datasources: For details on how to use this option, see managing datasources.
- Configure
menu/Server Roles: For more details, see Server Roles.
- Tools
menu/Tryit (XACML): For details on how to use this option, see Using the XACML TryIt Tool.

- Additionally, all permissions listed under Configure in the permissions navigator are selected automatically.

Admin/Configure/SecurityWhen the Admin/Configure/Security permission node is selected, the following menus are enabled in the Configure menu of the management console:

- Claim Management: For details on how to use this option, see Claim Management.
- Keystores: For details on how to use this option, see Configuring Keystores in WSO2 API Manager.
- Service Principle (Kerberos KDC): For details on how to use this option, see Kerberos Security.
- Email Templates: For details on how to use this option, see Email Templates.

- This permission will also enable the Roles option under Configure/Users and Roles. For more information, see Managing Users and Roles.

- Additionally, all permissions listed under Security in the permissions navigator are selected automatically.
Admin/Configure/Security/Identity Management/Password ManagementThis permission enables the Change Password option for the users listed in the User Management/Users and Roles/Users screen, which allows the logged in user to change the passwords.
Admin/Configure/Security/Identity Management/Profile ManagementThis permission enables the User Profile option for the users listed in the User Management/Users and Roles/Users screen, which allows the logged in user to update user profiles.
Admin/Configure/Security/Identity Management/User ManagementThis permission enables the possibility to add users from the management console. That is, the Users option will be enabled under Configure/Users and Roles.
Admin/ManageWhen the Admin/Manage permission is selected, the following menus will be enabled in the management console:

- Main menu/Service Providers: For details on how to use this option, see Adding and Configuring a Service Provider.
- Tools menu/SAML: For details on how to use this option, see Using the SAML2 Toolkit.

- Additionally, all permissions listed under Admin/Manage in the permissions navigator will be enabled automatically. 
Admin/Manage/AddManage menu/Configure/Modules: This permission enables listing of the modules.
Manage menu/Configure/Services: This permission enables listing of the services.
Manage menu/Configure/Webapps: This permission enables listing of the webapps

Manage menu/Add/Modules: This permission enables you to upload modules using the management console.
Manage menu/Add/Services: This permission enables you to upload/generate/create/schedule services in WSO2 DSS. See the tutorials on creating, generating, uploading data services and scheduling tasks.
Manage menu/Add/Webapps: This permission enables you to upload webapps using the management console.

Admin/Manage/Configure

.

Admin/Manage/API/CreateThis permission enables the possibility to create APIs in the API Publisher of the API Manager.
Admin/Manage/API/PublishThis permission enables the possibility to publish the APIs available in the API Publisher of the API Manager. Published APIs are then visible in the API Store of the API Manager.
Admin/Manage/API/SubscribeThis permission enables the possibility to subscribe to an API through an application, in the API Store of the API Manager.
Admin/Manage/API-M AdminThis permission enables the possibility to access the Admin Portal of the API Manager.
Admin/Manage/Dead Letter Channel

This permission enables users to see any queue information that is stored in the Dead Letter Channel. When this node is selected, the following permissions will be automatically granted:

  • Browse: Allows users to browse details of a queue stored in the Dead Letter Channel.
  • Delete: Allows users to delete any queue stored in the Dead Letter Channel.
  • Reroute: Allows users to reroute a queue stored in the Dead Letter Channel to any other queue chosen by the user.
  • Restore: Allows users to restore a queue stored in the Dead Letter Channel to the queue from which it originated.
Admin/Manage/ConfigureManage menu/Configure/Modules: This permission enables listing of the modules.
Manage menu/Configure/Services: This permission enables listing of the services.
Manage menu/Configure/Webapps: This permission enables listing of the webapps.
Admin/Manage/Queue

Manage menu/Queue/Add: This permission enables the option to Add queues. You will be able to add new queues and view a list of the available queues with this permission.

Note

Note that a user that has permission to Add new queues, by default obtains permission to consume messages from all queues created by the same user and to publish messages to the same queues.

Manage menu/Queue/Browse: This permission enables the Browse option for queues. When you go to the Main tab and click Queues > List, you will see the Browse link enabled for each queue.
Manage menu/Queue/Delete: This permission enables the Delete option for queues. When you go to the Main tab and click Queues > List, you will see the Delete link enabled for each queue.
Manage menu/Queue/Purge: This permission enables the Purge Messages option for queues. When you go to the Main tab and click Queues > List, you will see the Purge Messages link enabled for each queue.

Admin/Manage/Resources/BrowseThis permission enables the Browse option under the Registry menu in the main navigator. This option allows users to browse the resources stored in the registry by using the Registry tree navigator. For more information, see Working with the Registry.
Admin/Manage/SearchThis permission enables the Search option under the Registry sub menu in the Main menu. This option allows users to search for specific resources stored in the registry by filling in the search criteria. For more information, see Working with the Registry.
Admin/Manage/Subscription

Manage menu/Subscription/ViewQueueSubscriptions: This permission enables the possibility of viewing details of queue subscribers. The Subscription > Queue Subscription List option will be available in the Main tab.
Manage menu/Subscription/CloseQueueSubscriptions: This permission, in addition to the Admin/Manage/Subscription/ViewQueueSubscriptions permission, will allow users to close queue subscriptions.
Manage menu/Subscription/ViewTopicSubscriptions: This permission enables the possibility of viewing details of topic subscribers. The Subscription > Topic Subscription List option will be available in the Main tab.
Manage menu/Subscription/ViewTopicSubscriptions: This permission, in addition to the Admin/Manage/Subscription/ViewTopicSubscriptions permission, will allow users to close topic subscriptions.

Admin/Manage/Topic

Manage menu/Topic/Add: This permission enables the possibility of adding topics and sub topics. When you go to the Main tab, the Add option will be enabled for Topics, which can be used to add a new topic. When you go to Topics > List and select a particular topic, the Add Subtopic link will also be enabled.

Note

Note that a user that has permission to Add new topics, by default obtains permission to subscribe and publish to all the topics that are created by the same user.

Manage menu/Topic/Browse:
Manage menu/Topic/Delete: This permission enables the possibility of deleting topics and subtopics. When you go to Topics > List and select a particular topic, the Delete link will be enabled.

Note

Note that the Admin/Manage/Resources/Browse permission node should also be enabled for topic deletion to be allowed.

Manage menu/Topic/Details: This permission enables the possibility of checking the details of topics and subtopics. When you go to Topics > List and select a particular topic, the Details link will be enabled.

Admin/Monitor

When the Admin/Monitor permission node is selected, the following menus are enabled in the management console:

Monitor menu/System Statistics: This allows users to monitor performance statistics.
Monitor menu/SOAP Message Tracer: This allows users to monitor SOAP messages.
- Monitor menu/Message Flows: This allows users to monitor message flows.

- Additionally, all permissions listed under Admin/Monitor in the permissions navigator will be enabled automatically. 

Admin/Monitor/Logs

When the Admin/Monitor/Logs permission node is selected, the following menus are enabled in the management console:

- Monitor menu/System Logs: This allows users to monitor system logs.
- Monitor menu/Application Logs: This allows users to monitor application logs.

For details on how to use these options, see View and Download Logs.

Admin/Monitor/Metrics

When this node is selected, the following menus are enabled in the Monitor tab of the Management Console:

  • Metrics/JVM Metrics: Used for monitoring system statistics common to all products.
  • Metrics/Messaging Metrics: Used for monitoring API-M-specific statistics.