Using the API User Security Policy
Learn how the API User Security Policy is used to secure Community Manager administrator accounts.
The "API User Security Policy" is the default security policy for Community Manager services and controls who can perform administrative actions on the Community Manager portal.
When a user installs the "SOA Software Community Manager Policy Console" and "SOA Software Community Manager" features, a series of Community-specific services are added to the "Services" folder of the "Community Manager Tenants" organization located in the "SOA Software Policy Manager" organization. The "API User Security Policy" is automatically assigned to these services during the installation of the Community Manager features. You can select View References on the Actions Portlet of the Policy Details page to view the services that the policy is attached to, and you can also view the policy attachment on the "Operational Policy Attachment Portlet" of any of the Community Manager services.
Note: This service is for users that have installed the SOA Software Community Manager Policy Console and SOA Software Community Manager features.
In Community Manager, when you add an API using the Add a New API function, you automatically become API Administrator for that API. You can also invite individuals to whom you would like to give administrator privileges for your API via the Community Manager API > Admins interface. The API creator and approved administrators can access the API.
The "API User Security Policy" determines who the user is (i.e., administrator or standard user account). When a request comes to a Community Manager service, it is intercepted by the "API User Security Policy" before being processed. The policy checks to determine if the user is logged in, and whether the user is an administrator for the selected API or has a standard user account. Depending on the action, if the user is not authorized to perform the selected action, an error will be thrown or the option will be grayed out and not available for selection.
Let's take a quick walkthrough of the API User Security Policy configuration process to get you started.
Step 1: Review Policy (in Policy Manager Management Console)
Verify that the API User Security Policy is present in the Policies folder of the Policy Manager root Organization as illustrated below. It should be added automatically as part of the Community Manager feature installation. The name assigned to the default policy is AtmosphereUserSecurityPolicy.
If the policy does not display, verify that you have correctly installed the Community Manager features. If you need an additional instance of the API User Security Policy to customize, use Add Policy to create one.
This policy type creates a policy with a default configuration that looks like the following:
Step 2: View Policy References and Attachments
You can view the services the default API User Security Policy is attached to by selecting View Policy References from the Actions Portlet on the Policy Details page.
You can also view a policy attached to a service on the Policy Attachments Portlet (in SOA Software Community Manager > Services > Service Details).