LogicMonitor seeks to disrupt AI landscape with $800M strategic investment at $2.4B valuation to revolutionize data centers.

Learn More

    Platform

    Get real-time insights and automation for comprehensive, seamless monitoring with agentless architecture.

    Platform Overview
  • Infrastructure
    monitoring
  • Cloud monitoring
  • Digital experience
  • AIOPS

      • Solutions

      Whether you work in MSP, Enterprise IT or somewhere in between, the solution is clear.

      Solutions Overview
    By Initiative
    By Industry

      About us

      Get to know LogicMonitor and our team.

      About us
    Get to know us
    Services

      Resources

      Explore our blogs, guides, case studies, eBooks, and more actionable insights to enhance your IT monitoring and observability.

      View Resources
    Learn

      Documentation

      Read through our documentation, check out our latest release notes, or submit a ticket to our world-class customer service team.

      View Resources
    Support

    Product Documentation

    Adding Roles

    Last updated on 07 October, 2024

    You can use LogicMonitor REST API v3 to add new roles to your LogicMonitor account. You must authenticate yourself before making the API request.

    URI: POST /setting/roles

    ParameterTypeDescription
    privilegesJSON Array(Mandatory) The account privileges associated with the role. This object should contain nested objects for each privilege granted to the user.
    Privileges can be added to a role for each area of your account. It includes:
    • operation – The privilege operation. Example – "operation": "write"
    • objectId – The privilege object identifier. Example – "objectId": "123"
    • objectType – The privilege object type. The values can be: 
      [dashboard_group|dashboard|host_group|service_group|website_group|report_group|remoteSession|chat|setting|device_dashboard|help|logs|configNeedDeviceManagePermission|map|resourceMapTab|tracesManageTab]

      Example – "objectType": "dashboard group"
    descriptionStringThe description of the role. Example – "description": "Administrator can do everything, including security-sensitive actions."
    customHelpLabelStringThe label for the custom help URL as it will appear in the Help and Support drop down menu. Example – "customHelpLabel": "Internal Support Resources"
    customHelpURLStringThe URL that should be added to the Help and Support drop down menu. Example – "customHelpURL": "https://logicmonitor.com/support"
    nameString(Mandatory) The name of the role. Role names are restricted to numbers, letters, and – and _ symbols. Example – "name": "administrator"
    twoFARequiredBooleanIndicates whether Two-Factor Authentication (2FA) is required for this role. Example – "twoFARequired": true
    requireEULABooleanIndicates whether or not users associated with this role are required to acknowledge the End User License Agreement (EULA). Example – "requireEULA": false
    roleGroupIdIntegerThe group Id of the role. Example – "roleGroupId": 2

    The following Python script adds a role ‘DB Team’ with permission to:

    • Manage private dashboards
    • Manage the ABC Corporation dashboard group
    • Manage the ‘Resource Allocation’ dashboard
    • View all device groups
    • Manage device dashboards
    • Edit personal user profile information
    • Manage API Tokens
    • View chats

    The role additionally includes a custom help URL and label that is displayed under the Help menu.

    #!/bin/env python
 
import requests
import json
import hashlib
import base64
import time
import hmac
import getpass

#Account Info: LogicMonitor recommends to NEVER hardcode the credentials. Instead, retrieve the values from a secure storage.
#Note: The below is provided for illustration purposes only.
AccessId = getpass.getpass("Enter your AccessId: ")
AccessKey = getpass.getpass("Enter your AccessKey: ")
Company = 'apiAccount'  
 
#Request Info
httpVerb ='POST'
resourcePath = '/setting/roles'
queryParams = ''
data = '{"name":"DB Team","customHelpLabel":"Internal Support Resources","customHelpURL":"https://logicmonitor.com/support","privileges":[{"objectType":"dashboard_group","objectId":"private","objectName":"private","operation":"write"},{"objectType":"dashboard_group","objectId":4,"objectName":"ABC Corporation","operation":"write"},{"objectType":"dashboard","objectId":77,"objectName":"Resource Allocation","operation":"write"},{"objectType":"host_group","objectId":"*","objectName":"*","operation":"read"},{"objectType":"deviceDashboard","objectId":"","operation":"write"},{"objectType":"setting","objectId":"useraccess.personalinfo","operation":"write"},{"objectType":"setting","objectId":"useraccess.apitoken","operation":"write"},{"objectType":"help","objectId":"chat","objectName":"help","operation":"write"}]}'
 
#Construct URL
url = 'https://'+ Company +'.logicmonitor.com/santaba/rest' + resourcePath +queryParams
 
#Get current time in milliseconds
epoch = str(int(time.time() * 1000))
 
#Concatenate Request details
requestVars = httpVerb + epoch + data + resourcePath
 
#Construct signature digest = hmac.new(
        AccessKey.encode('utf-8'),
        msg=requestVars.encode('utf-8'),
        digestmod=hashlib.sha256).hexdigest()
signature = base64.b64encode(digest.encode('utf-8')).decode('utf-8')  
 
#Construct headers
auth = 'LMv1 ' + AccessId + ':' + str(signature) + ':' + epoch
headers = {'Content-Type':'application/json','Authorization':auth,'X-Version':3}
 
#Make request
response = requests.post(url, data=data, headers=headers)
 
#Print status and body of response
print('Response Status:',response.status_code)
print('Response Body:',response.content)
    Python 3