Updating Role Details
Last updated on 07 October, 2024You can use LogicMonitor REST API v3 to update role details. You must authenticate yourself before making the API request.
To make partial updates to a role, make a PATCH request. To completely update a role, make a PUT request.
URI: PATCH /setting/roles/{id}
URI: PUT /setting/roles/{id}
Note: As per the REST standards, any property which is not specified in the PUT request will revert to its default value.
| Parameter | Type | Description |
id | Integer | (Mandatory) The Id of the role that you want to update. |
privileges | JSON Array | (Mandatory) The account privileges associated with the role. This object should contain nested objects for each privilege granted to the user. Privileges can be added to a role for each area of your account. It includes:
|
description | String | The description of the role. Example – "description": "Administrator can do everything, including security-sensitive actions." |
customHelpLabel | String | The label for the custom help URL as it will appear in the Help and Support drop-down menu. Example – "customHelpLabel": "Internal Support Resources" |
customHelpURL | String | The URL that should be added to the Help and Support drop-down menu. Example – "customHelpURL": "https://logicmonitor.com/support" |
name | String | (Mandatory) The name of the role. Role names are restricted to numbers, letters, and – and _ symbols. Example – "name": "administrator" |
twoFARequired | Boolean | Indicates whether Two-Factor Authentication (2FA) is required for this role. Example – "twoFARequired": true |
requireEULA | Boolean | Indicates whether or not users associated with this role are required to acknowledge the End User License Agreement (EULA). Example – "requireEULA": false |
roleGroupId | Integer | The group Id of the role that you want to update. Example – "roleGroupId": 2 |
Permissions Required to Update Modules Threshold
To update the modules threshold at the resource level, you must have the following permissions:
- The manage permission for the resource group that you want to update (navigate to Users and Roles > Roles > Manage > Permissions > Resources)
- The Resources Group Threshold permission for the access group to which the resource group that you want to update belongs. (navigate to Users and Roles > Roles > Manage > Permissions > Modules > My Module Toolbox > Access Groups)
In LogicMonitor Rest API v3, when you make a PUT request to update a role /setting/roles/{id}, you can specify the access group ID in the objectId field. For example, "objectId": "resourcegroupthreshold.1". To provide permission to update the existing access groups and those that will be added in the future, you can add an asterisk * in the objectId field. For example, "objectId": "resourcegroupthreshold.*".
{
"objectType": "module",
"objectId": "resourcegroupthreshold.*",
"objectName": "resourcegroupthreshold.*",
"operation": "threshold",
"subOperation": ""
},Example
The following Python Script updates the permissions for role with Id 28:
#!/bin/env python
import requests
import json
import hashlib
import base64
import time
import hmac
import getpass
#Account Info: LogicMonitor recommends to NEVER hardcode the credentials. Instead, retrieve the values from a secure storage.
#Note: The below is provided for illustration purposes only.
AccessId = getpass.getpass("Enter your AccessId: ")
AccessKey = getpass.getpass("Enter your AccessKey: ")
Company = 'apiAccount'
#Request Info
httpVerb ='PUT'
resourcePath = '/setting/roles/28'
queryParams = ''
data = '{"name":"Server Team","customHelpLabel":"Internal Support Resources","customHelpURL":"https://logicmonitor.com/support","privileges":[{"objectType":"setting","objectId":"collectorgroup.4","objectName":"collectorgroup.4","operation":"write"},{"objectType":"setting","objectId":"collector.*","objectName":"collector.*","operation":"read"},{"objectType":"dashboard_group","objectId":"private","objectName":"private","operation":"write"},{"objectType":"dashboard_group","objectId":4,"objectName":"ABC Corporation","operation":"write"},{"objectType":"dashboard","objectId":77,"objectName":"Resource Allocation","operation":"write"},{"objectType":"host_group","objectId":"*","objectName":"*","operation":"read"},{"objectType":"deviceDashboard","objectId":"","operation":"read"},{"objectType":"setting","objectId":"useraccess.personalinfo","operation":"write"},{"objectType":"setting","objectId":"useraccess.apitoken","operation":"write"},{"objectType":"help","objectId":"chat","objectName":"help","operation":"write"}]}'
#Construct URL
url = 'https://'+ Company +'.logicmonitor.com/santaba/rest' + resourcePath +queryParams
#Get current time in milliseconds
epoch = str(int(time.time() * 1000))
#Concatenate Request details
requestVars = httpVerb + epoch + data + resourcePath
#Construct signature digest = hmac.new(
AccessKey.encode('utf-8'),
msg=requestVars.encode('utf-8'),
digestmod=hashlib.sha256).hexdigest()
signature = base64.b64encode(digest.encode('utf-8')).decode('utf-8')
#Construct headers
auth = 'LMv1 ' + AccessId + ':' + str(signature) + ':' + epoch
headers = {'Content-Type':'application/json','Authorization':auth,'X-Version':3}
#Make request
response = requests.put(url, data=data, headers=headers)
#Print status and body of response
print('Response Status:',response.status_code)
print('Response Body:',response.content)Python 3