Proactively manage modern hybrid environments with predictive insights, intelligent automation, and full-stack observability.
Explore solutionsExplore our resource library for IT pros. Get expert guides, observability strategies, and real-world insights to power smarter, AI-driven operations.
Explore resourcesOur observability platform proactively delivers the insights and automation CIOs need to accelerate innovation.
About LogicMonitorLast updated - 23 July, 2025
You can use LogicMonitor’s REST API to programmatically manage the user roles in your account.
Using LogicMonitor’s REST API, you can:
Note: As with all of our API calls, authentication is required.
/setting/roles
All roles have the following properties:
Property |
Description |
Type |
| id | The Id of the role | Integer |
| name | The name of the role | String |
| description | The description of the role | String |
| customHelpLabel | The label for the custom help URL as it will appear in the Help & Support dropdown menu | String |
| customHelpURL | The URL that should be added to the Help & Support dropdown menu | String |
| associatedUserCount | The number of users with this role applied | Integer |
| requireEula | Whether or not users assigned this role should be required to acknowledge the EULA (end user license agreement) | Boolean |
| privileges | The account privileges associated with the role. Privileges can be added to a role for each area of your account, where each privilege object has the following format: "privileges" : [ {
"objectType" : "host_group",
"objectId" : "*",
"objectName" : "*",
"operation" : "write"
}, {
"objectType" : "dashboard_group",
"objectId" : "*",
"objectName" : "*",
"operation" : "write"
}]
|
JSON Object |
Resource |
objectType |
objectId |
objectName |
operation |
Example |
| Dashboards | dashboard | The id of the dashboard that the permission specified in operation should be granted for. A * can be used to indicate all dashboards. Note that you can only grant permissions for individual dashboards if they are ungrouped. You can find the id for a dashboard in the URL bar of your LogicMonitor account. Alternatively you can make a GET request to LogicMonitor’s REST API dashboards resource. | The name of the dashboard that the permission specified in operation should be granted for. A * can be used to indicate all dashboards. | write | read | {
“objectType” : “dashboard”, “objectId” : “32”, “objectName” : “Resource Allocation”, “operation” : “write” } |
| Dashboard Groups | dashboard_group | The id of the dashboard group that the permission specified in operation should be granted for. A * can be used to indicate all groups. | The name of the dashboard group that the permission specified in operation should be granted for. A * can be used to indicate all groups. | write | read | {
“objectType” : “dashboard_group”, “objectId” : “*”, “objectName” : “*”, “operation” : “write” } |
| Private Dashboards | dashboard_group | private | private | write (ability to create private dashboards) | {
“objectType” : “dashboard_group”, “objectId” : “private”, “objectName” : “private”, “operation” : “write” } |
| Device Groups | host_group | The id of the device group that the permission specified in operation should be granted for. A * can be used to indicate all groups. You can find the id for a device group in the URL bar of your LogicMonitor account. Alternatively, you can make a GET request to LogicMonitor’s REST API device groups resource. | The name of the device group that the permission specified in operation should be granted for. A * can be used to indicate all groups. | write | read | ack | {
“objectType” : “host_group”, “objectId” : “*”, “objectName” : “*”, “operation” : “write” } |
| Device Dashboards | deviceDashboard | leave blank | deviceDashboard | write | {
“objectType” : “deviceDashboard”, “objectId” : “”, “objectName” : “deviceDashboard”, “operation” : “write” } |
| Configs Tab | configNeedDeviceManagePermission | leave blank | configNeedDeviceManagePermission | write | {
“objectType” : “configNeedDeviceManagePermission”, “objectId” : “”, “objectName” : “configNeedDeviceManagePermission”, “operation” : “write” } |
| Remote Sessions | remoteSession | The id of the device group that the permission specified in operation should be granted for. A * can be used to indicate all groups. You can find the id for a device group in the URL bar of your LogicMonitor account. Alternatively, you can make a GET request to LogicMonitor’s REST API device group resource. | The name of the device group(s) that the permission specified in operation should be granted for. A * can be used to indicate all groups. | write | {
“objectType” : “remoteSession”, “objectId” : “*”, “objectName” : “*”, “operation” : “write” } |
| Reports | report_group | The id of the report group that the permission specified in operation should be granted for. A * can be used to indicate all groups. You can find report group ids with a GET request to LogicMonitor’s REST API report groups resource. | The name of the report group that the permission specified in operation should be granted for. A * can be used to indicate all groups. | write | read | {
“objectType” : “report_group”, “objectId” : “*”, “objectName” : “*”, “operation” : “write” } |
| Services | service_group | The id of the service group that the permission specified in operation should be granted for. A * can be used to indicate all groups. You can find service group ids with a GET request to LogicMonitor’s REST API service groups resource. | The name of the service group that the permission specified in operation should be granted for. A * can be used to indicate all groups. | write | read | {
“objectType” : “service_group”, “objectId” : “*”, “objectName” : “*”, “operation” : “write” |
| Settings | setting | The name of the settings section that the permission specified in operation should be granted for. A * can be used to indicate all sections. The settings sections are: accesslog, accountinfo, alert, collector.*, collectorgroup.groupId, datasource.*, integration, messagetemplate, useraccess.*, useraccess.personalinfo and useraccess.apitoken | Same as objectId. The name of the settings section that the permission specified in operation should be granted for. A * can be used to indicate all sections. The settings sections are: accesslog, accountinfo, alert, collector.*, collectorgroup.groupId, datasource.*, integration, messagetemplate, useraccess.*, useraccess.personalinfo and useraccess.apitoken | write | read Note that only write is available for useraccess.personalinfo and useraccess.apitoken |
{
“objectType” : “setting”, “objectId” : “collectorgroup.4”, “objectName” : “win7a”, “operation” : “read” } |
| Help & Support Menu (? menu in your account) | help | The name of the Help & Support menu option that the permission specified in operation should be granted for. A * can be used to indicate all options. The Help & Support options are: document (Documentation), chat (Chat with Engineer), support (Support Request), and feedback (Feedback). | help | read (available for all resources except chat) write (available for chat only) |
{
“objectType” : “help”, “objectId” : “chat”, “objectName” : “help”, “operation” : “write” } |