Adding Roles
Last updated - 10 July, 2023
In this article
You can use LogicMonitor REST API v3 to add new roles to your LogicMonitor account. You must authenticate yourself before making the API request.
URI: POST /setting/roles
Parameter | Type | Description |
privileges | JSON Array | (Mandatory) The account privileges associated with the role. This object should contain nested objects for each privilege granted to the user. Privileges can be added to a role for each area of your account. It includes:
|
description | String | The description of the role. Example – "description": "Administrator can do everything, including security-sensitive actions." |
customHelpLabel | String | The label for the custom help URL as it will appear in the Help and Support drop down menu. Example – "customHelpLabel": "Internal Support Resources" |
customHelpURL | String | The URL that should be added to the Help and Support drop down menu. Example – "customHelpURL": "https://logicmonitor.com/support" |
name | String | (Mandatory) The name of the role. Role names are restricted to numbers, letters, and – and _ symbols. Example – "name": "administrator" |
twoFARequired | Boolean | Indicates whether Two-Factor Authentication (2FA) is required for this role. Example – "twoFARequired": true |
requireEULA | Boolean | Indicates whether or not users associated with this role are required to acknowledge the End User License Agreement (EULA). Example – "requireEULA": false |
roleGroupId | Integer | The group Id of the role. Example – "roleGroupId": 2 |
The following Python script adds a role ‘DB Team’ with permission to:
- Manage private dashboards
- Manage the ABC Corporation dashboard group
- Manage the ‘Resource Allocation’ dashboard
- View all device groups
- Manage device dashboards
- Edit personal user profile information
- Manage API Tokens
- View chats
The role additionally includes a custom help URL and label that is displayed under the Help menu.
#!/bin/env python
import requests
import json
import hashlib
import base64
import time
import hmac
import getpass
#Account Info: LogicMonitor recommends to NEVER hardcode the credentials. Instead, retrieve the values from a secure storage.
#Note: The below is provided for illustration purposes only.
AccessId = getpass.getpass("Enter your AccessId: ")
AccessKey = getpass.getpass("Enter your AccessKey: ")
Company = 'apiAccount'
#Request Info
httpVerb ='POST'
resourcePath = '/setting/roles'
queryParams = ''
data = '{"name":"DB Team","customHelpLabel":"Internal Support Resources","customHelpURL":"https://logicmonitor.com/support","privileges":[{"objectType":"dashboard_group","objectId":"private","objectName":"private","operation":"write"},{"objectType":"dashboard_group","objectId":4,"objectName":"ABC Corporation","operation":"write"},{"objectType":"dashboard","objectId":77,"objectName":"Resource Allocation","operation":"write"},{"objectType":"host_group","objectId":"*","objectName":"*","operation":"read"},{"objectType":"deviceDashboard","objectId":"","operation":"write"},{"objectType":"setting","objectId":"useraccess.personalinfo","operation":"write"},{"objectType":"setting","objectId":"useraccess.apitoken","operation":"write"},{"objectType":"help","objectId":"chat","objectName":"help","operation":"write"}]}'
#Construct URL
url = 'https://'+ Company +'.logicmonitor.com/santaba/rest' + resourcePath +queryParams
#Get current time in milliseconds
epoch = str(int(time.time() * 1000))
#Concatenate Request details
requestVars = httpVerb + epoch + data + resourcePath
#Construct signature digest = hmac.new(
AccessKey.encode('utf-8'),
msg=requestVars.encode('utf-8'),
digestmod=hashlib.sha256).hexdigest()
signature = base64.b64encode(digest.encode('utf-8')).decode('utf-8')
#Construct headers
auth = 'LMv1 ' + AccessId + ':' + str(signature) + ':' + epoch
headers = {'Content-Type':'application/json','Authorization':auth,'X-Version':3}
#Make request
response = requests.post(url, data=data, headers=headers)
#Print status and body of response
print('Response Status:',response.status_code)
print('Response Body:',response.content)