About the Roles Resource

Product Documentation

About LogicMonitor
- Overview
- Technical Support
  - Support Overview
  - Accessing Support Resources
Getting Started
- Implementation Readiness
  - LogicMonitor Implementation Readiness Recommendations for Enterprise Customers
  - Top Dependencies for LogicMonitor Enterprise Implementation
- LogicMonitor Tutorial
- Advanced LogicMonitor Setup
LogicMonitor Concepts
- Limits, Quotas, and Constraints
Collectors
- Collector Overview
- Collector Installation
- Collector Configurations
- Collector Management
- Collector Integrations
- Collector Troubleshooting
Devices
- Adding and Managing Devices
- Device Groups
- Resources Page Overview
- Device DataSources and Instances
- Netscans
Dashboards and Widgets
- Managing Dashboards
- Managing Widgets
- Widget Types
Alerts
- About Alerts
- Alert Discovery
- Responding to Alerts
AIOps
- Anomaly Detection
  - Anomaly Detection Visualization
- Forecasting
  - Data Forecasting
- Topology Mapping
- AIOps for Alerting
LM Service Insight
- About LM™ Service Insight
- Adding Services
- Managing Services
LogicModules
- LogicModule Overview
- LM Exchange
  - LM Exchange
- DataSources
- Data Collection Methods
- Datapoints
- Active Discovery
- Groovy Support
- Powershell Support
  - Creating PowerShell Script Datasources
  - Using PowerShell Scripts in LogicMonitor
- ConfigSources
- EventSources
- Property Sources
  - Creating PropertySources
- TopologySources
  - TopologySource Overview
  - TopologySources Scripts
- AppliesTo
  - AppliesTo Scripting Overview
  - User-Defined AppliesTo Functions
- JobMonitors
- SNMP sysOID Maps
Reports
- Which report should I use?
- Creating & Managing Reports
- Scheduling a Report for Auto-Delivery
- Creating a Report Group
- Report Types
Security
- Two-Factor Authentication
- Single Sign On
- Multi Sign-On
- Configuring the Azure Active Directory SSO Integration
- LogicMonitor Security Best Practices
- Log4j Security Vulnerabilities
Settings
- About the Account Information Page
- About Audit Logs
- Message Templates
  - Alert Messages
  - New User Message
- Users and roles
Terminology and Syntax
- Scripting Support
LM Logs
- LM Logs Overview
- Log Ingestion
- Logs Query Language
- Reviewing Logs and Log Anomalies
- Log Processing Pipelines
- Log Alert Conditions
- LM Logs Roles and Permissions
- LM Logs Usage Monitoring
- Troubleshooting Logs
LM APM
- LM APM Overview
- Push Metrics
- OpenMetrics Integration
  - OpenMetrics DataSource Wizard
  - OpenMetrics Monitoring
- Distributed Tracing
- Synthetics
Cloud Monitoring
- Getting Started
- Amazon Web Services
- Microsoft Azure
- Google Cloud Platform (GCP)
SaaS Monitoring
- Airbrake Monitoring
- Microsoft Office 365 Monitoring
- SaaS Lite Monitoring
- Salesforce Monitoring
- Zoom Monitoring
Container Monitoring
- Kubernetes
- Docker
  - Docker Monitoring
Website Monitoring
- About Websites
- Adding and Managing Websites
- Website Groups
  - Adding Website Groups
  - Editing and Deleting Website Groups
Monitoring Solutions
- Applications and Databases
- Backup and Recovery Systems
- Networking and Firewalls
- Operating Systems and Virtualization
- Server and operations Hardware
- Storage Systems
- Network Traffic Flow
Workflow Integrations
- ServiceNow
  - LogicMonitor ServiceNow CMDB Integration
    - Getting Started with the LogicMonitor ServiceNow CMDB Integration
    - ServiceNow CMDB Update Set: Auto-Balanced Collector Groups
  - Service Graph Connector for LogicMonitor
    - Getting Started with the Service Graph Connector for LogicMonitor Application
- Ansible Integration
- StackStorm
- Terraform Integration
- Microsoft Teams
  - Microsoft Teams Integration Overview
  - Microsoft Teams Integration Setup
Alert Integrations
- Alert Integrations Overview
- Autotask Integration
- Campfire Integration
- ConnectWise Integration
- Custom Email Delivery
- Custom HTTP Delivery
- Integrations Logs
- PagerDuty Integration
- Puppet 4 Integration
- Puppet Integration
- ServiceNow (Incident Management) Integration
- Slack Integration
- Zendesk Integration
Mobile
- About LogicMonitor’s Mobile View and Application
- Responding to Alerts from a Mobile Device
- Viewing Alerts from a Mobile Device
- Viewing Dashboards from a Mobile Device
- Viewing Graphs from a Mobile Device
REST API Developers Guide
- Rest API Overview
- REST API v3
  - REST API v3 Swagger Documentation
  - LogicMonitor v3 SDK
- REST API v2
  - About REST API v2
  - Creating Services via the API
- Rest API v1
RPC API - Deprecated
- About LogicMonitor’s RPC API (Deprecated)
Training and Certification
- LogicMonitor Certified Professional Exam Information
- LogicMonitor Training and Certification

You can use LogicMonitor’s REST API to programmatically manage the user roles in your account.

Using LogicMonitor’s REST API, you can:

Note: As with all of our API calls, authentication is required.

Resource URI:

/setting/roles

Resource Properties:

All roles have the following properties:

Property	Description	Type
id	The Id of the role	Integer
name	The name of the role	String
description	The description of the role	String
customHelpLabel	The label for the custom help URL as it will appear in the Help & Support dropdown menu	String
customHelpURL	The URL that should be added to the Help & Support dropdown menu	String
associatedUserCount	The number of users with this role applied	Integer
requireEula	Whether or not users assigned this role should be required to acknowledge the EULA (end user license agreement)	Boolean
privileges	The account privileges associated with the role. Privileges can be added to a role for each area of your account, where each privilege object has the following format: "privileges" : [ { "objectType" : "host_group", "objectId" : "", "objectName" : "", "operation" : "write" }, { "objectType" : "dashboard_group", "objectId" : "", "objectName" : "", "operation" : "write" }]	JSON Object

For each role, you can add as many (or few) privilege objects as you’d like. The following table indicates how to format the privilege objects for the different resources in your account:

Resource	objectType	objectId	objectName	operation	Example
Dashboards	dashboard	The id of the dashboard that the permission specified in operation should be granted for. A * can be used to indicate all dashboards. Note that you can only grant permissions for individual dashboards if they are ungrouped. You can find the id for a dashboard in the URL bar of your LogicMonitor account. Alternatively you can make a GET request to LogicMonitor’s REST API dashboards resource.	The name of the dashboard that the permission specified in operation should be granted for. A * can be used to indicate all dashboards.	write \| read	{ “objectType” : “dashboard”, “objectId” : “32”, “objectName” : “Resource Allocation”, “operation” : “write” }
Dashboard Groups	dashboard_group	The id of the dashboard group that the permission specified in operation should be granted for. A * can be used to indicate all groups.	The name of the dashboard group that the permission specified in operation should be granted for. A * can be used to indicate all groups.	write \| read	{ “objectType” : “dashboard_group”, “objectId” : “”, “objectName” : “”, “operation” : “write” }
Private Dashboards	dashboard_group	private	private	write (ability to create private dashboards)	{ “objectType” : “dashboard_group”, “objectId” : “private”, “objectName” : “private”, “operation” : “write” }
Device Groups	host_group	The id of the device group that the permission specified in operation should be granted for. A * can be used to indicate all groups. You can find the id for a device group in the URL bar of your LogicMonitor account. Alternatively, you can make a GET request to LogicMonitor’s REST API device groups resource.	The name of the device group that the permission specified in operation should be granted for. A * can be used to indicate all groups.	write \| read \| ack	{ “objectType” : “host_group”, “objectId” : “”, “objectName” : “”, “operation” : “write” }
Device Dashboards	deviceDashboard	leave blank	deviceDashboard	write	{ “objectType” : “deviceDashboard”, “objectId” : “”, “objectName” : “deviceDashboard”, “operation” : “write” }
Configs Tab	configNeedDeviceManagePermission	leave blank	configNeedDeviceManagePermission	write	{ “objectType” : “configNeedDeviceManagePermission”, “objectId” : “”, “objectName” : “configNeedDeviceManagePermission”, “operation” : “write” }
Remote Sessions	remoteSession	The id of the device group that the permission specified in operation should be granted for. A * can be used to indicate all groups. You can find the id for a device group in the URL bar of your LogicMonitor account. Alternatively, you can make a GET request to LogicMonitor’s REST API device group resource.	The name of the device group(s) that the permission specified in operation should be granted for. A * can be used to indicate all groups.	write	{ “objectType” : “remoteSession”, “objectId” : “”, “objectName” : “”, “operation” : “write” }
Reports	report_group	The id of the report group that the permission specified in operation should be granted for. A * can be used to indicate all groups. You can find report group ids with a GET request to LogicMonitor’s REST API report groups resource.	The name of the report group that the permission specified in operation should be granted for. A * can be used to indicate all groups.	write \| read	{ “objectType” : “report_group”, “objectId” : “”, “objectName” : “”, “operation” : “write” }
Services	service_group	The id of the service group that the permission specified in operation should be granted for. A * can be used to indicate all groups. You can find service group ids with a GET request to LogicMonitor’s REST API service groups resource.	The name of the service group that the permission specified in operation should be granted for. A * can be used to indicate all groups.	write \| read	{ “objectType” : “service_group”, “objectId” : “”, “objectName” : “”, “operation” : “write”
Settings	setting	The name of the settings section that the permission specified in operation should be granted for. A * can be used to indicate all sections. The settings sections are: accesslog, accountinfo, alert, collector., collectorgroup.groupId, datasource., integration, messagetemplate, useraccess.*, useraccess.personalinfo and useraccess.apitoken	Same as objectId. The name of the settings section that the permission specified in operation should be granted for. A * can be used to indicate all sections. The settings sections are: accesslog, accountinfo, alert, collector., collectorgroup.groupId, datasource., integration, messagetemplate, useraccess.*, useraccess.personalinfo and useraccess.apitoken	write \| read Note that only write is available for useraccess.personalinfo and useraccess.apitoken	{ “objectType” : “setting”, “objectId” : “collectorgroup.4”, “objectName” : “win7a”, “operation” : “read” }
Help & Support Menu (? menu in your account)	help	The name of the Help & Support menu option that the permission specified in operation should be granted for. A * can be used to indicate all options. The Help & Support options are: document (Documentation), chat (Chat with Engineer), support (Support Request), and feedback (Feedback).	help	read (available for all resources except chat) write (available for chat only)	{ “objectType” : “help”, “objectId” : “chat”, “objectName” : “help”, “operation” : “write” }

Product Documentation

Resource URI:

Resource Properties:

Property

Description

Type

Resource

objectType

objectId

objectName

operation

Example

In This Article