Platform

    Get real-time insights and automation for comprehensive, seamless monitoring with agentless architecture.

    Platform Overview
  • Infrastructure
    monitoring
  • Cloud monitoring
  • Digital experience
  • AIOPS

      • Solutions

      Whether you work in MSP, Enterprise IT or somewhere in between, the solution is clear.

      Solutions Overview
    By Initiative
    By Industry

      About us

      Get to know LogicMonitor and our team.

      About us
    Get to know us
    Connect
    Services

      Documentation

      Read through our documentation, check out our latest release notes, or submit a ticket to our world-class customer service team.

      View Resources
    Support

    Product Documentation

    About the Roles Resource

    Last updated on 07 December, 2020

    You can use LogicMonitor’s REST API to programmatically manage the user roles in your account.

    Using LogicMonitor’s REST API, you can:

    Note: As with all of our API calls, authentication is required.

    Resource URI:

    /setting/roles

    Resource Properties:

    All roles have the following properties:

    Property

    Description

    Type
    id The Id of the role Integer
    name The name of the role String
    description The description of the role String
    customHelpLabel The label for the custom help URL as it will appear in the Help & Support dropdown menu String
    customHelpURL The URL that should be added to the Help & Support dropdown menu String
    associatedUserCount The number of users with this role applied Integer
    requireEula Whether or not users assigned this role should be required to acknowledge the EULA (end user license agreement) Boolean
    privileges The account privileges associated with the role. Privileges can be added to a role for each area of your account, where each privilege object has the following format:

     "privileges" : [ {
        "objectType" : "host_group",
        "objectId" : "*",
        "objectName" : "*",
        "operation" : "write"
      }, {
        "objectType" : "dashboard_group",
        "objectId" : "*",
        "objectName" : "*",
        "operation" : "write"
      }]
    		JSON Object
    For each role, you can add as many (or few) privilege objects as you’d like. The following table indicates how to format the privilege objects for the different resources in your account:

    Resource

    objectType

    objectId

    objectName

    operation

    Example
    Dashboards dashboard The id of the dashboard that the permission specified in operation should be granted for. A * can be used to indicate all dashboards. Note that you can only grant permissions for individual dashboards if they are ungrouped. You can find the id for a dashboard in the URL bar of your LogicMonitor account. Alternatively you can make a GET request to LogicMonitor’s REST API dashboards resource. The name of the dashboard that the permission specified in operation should be granted for. A * can be used to indicate all dashboards. write | read {

    “objectType” : “dashboard”,

    “objectId” : “32”,

    “objectName” : “Resource Allocation”,

    “operation” : “write”

    }
    Dashboard Groups dashboard_group The id of the dashboard group that the permission specified in operation should be granted for. A * can be used to indicate all groups. The name of the dashboard group that the permission specified in operation should be granted for. A * can be used to indicate all groups. write | read {

    “objectType” : “dashboard_group”,

    “objectId” : “*”,

    “objectName” : “*”,

    “operation” : “write”

    }
    Private Dashboards dashboard_group private private write (ability to create private dashboards) {

    “objectType” : “dashboard_group”,

    “objectId” : “private”,

    “objectName” : “private”,

    “operation” : “write”

    }
    Device Groups host_group The id of the device group that the permission specified in operation should be granted for. A * can be used to indicate all groups. You can find the id for a device group in the URL bar of your LogicMonitor account. Alternatively, you can make a GET request to LogicMonitor’s REST API device groups resource. The name of the device group that the permission specified in operation should be granted for. A * can be used to indicate all groups. write | read | ack {

    “objectType” : “host_group”,

    “objectId” : “*”,

    “objectName” : “*”,

    “operation” : “write”

    }
    Device Dashboards deviceDashboard leave blank deviceDashboard write {

    “objectType” : “deviceDashboard”,

    “objectId” : “”,

    “objectName” : “deviceDashboard”,

    “operation” : “write”

    }
    Configs Tab configNeedDeviceManagePermission leave blank configNeedDeviceManagePermission write {

    “objectType” : “configNeedDeviceManagePermission”,

    “objectId” : “”,

    “objectName” : “configNeedDeviceManagePermission”,

    “operation” : “write”

    }
    Remote Sessions remoteSession The id of the device group that the permission specified in operation should be granted for. A * can be used to indicate all groups. You can find the id for a device group in the URL bar of your LogicMonitor account. Alternatively, you can make a GET request to LogicMonitor’s REST API device group resource. The name of the device group(s) that the permission specified in operation should be granted for. A * can be used to indicate all groups. write {

    “objectType” : “remoteSession”,

    “objectId” : “*”,

    “objectName” : “*”,

    “operation” : “write”

    }
    Reports report_group The id of the report group that the permission specified in operation should be granted for. A * can be used to indicate all groups. You can find report group ids with a GET request to LogicMonitor’s REST API report groups resource. The name of the report group that the permission specified in operation should be granted for. A * can be used to indicate all groups. write | read {

    “objectType” : “report_group”,

    “objectId” : “*”,

    “objectName” : “*”,

    “operation” : “write”

    }
    Services service_group The id of the service group that the permission specified in operation should be granted for. A * can be used to indicate all groups. You can find service group ids with a GET request to LogicMonitor’s REST API service groups resource. The name of the service group that the permission specified in operation should be granted for. A * can be used to indicate all groups. write | read {

    “objectType” : “service_group”,

    “objectId” : “*”,

    “objectName” : “*”,

    “operation” : “write”
    Settings setting The name of the settings section that the permission specified in operation should be granted for. A * can be used to indicate all sections. The settings sections are: accesslog, accountinfo, alert, collector.*, collectorgroup.groupId, datasource.*, integration, messagetemplate, useraccess.*, useraccess.personalinfo and useraccess.apitoken Same as objectId. The name of the settings section that the permission specified in operation should be granted for. A * can be used to indicate all sections. The settings sections are: accesslog, accountinfo, alert, collector.*, collectorgroup.groupId, datasource.*, integration, messagetemplate, useraccess.*, useraccess.personalinfo and useraccess.apitoken write | read
    Note that only write is available for useraccess.personalinfo and useraccess.apitoken    		 {

    “objectType” : “setting”,

    “objectId” : “collectorgroup.4”,

    “objectName” : “win7a”,

    “operation” : “read”

    }
    Help & Support Menu (? menu in your account) help The name of the Help & Support menu option that the permission specified in operation should be granted for. A * can be used to indicate all options. The Help & Support options are: document (Documentation), chat (Chat with Engineer), support (Support Request), and feedback (Feedback). help read (available for all resources except chat)
    write (available for chat only)    		 {

    “objectType” : “help”,

    “objectId” : “chat”,

    “objectName” : “help”,

    “operation” : “write”

    }
    In This Article