Join fellow LogicMonitor users at the Elevate Community Conference and get hands-on with our latest product innovations.

Register Now

Platform

Get real-time insights and automation for comprehensive, seamless monitoring with agentless architecture.

Platform Overview
Infrastructure Monitoring
Cloud Monitoring
Digital Experience
AIOPS

Solutions

Whether you work in MSP, Enterprise IT or somewhere in between, the solution is clear.

Solutions Overview
By Initiative
By Industry

Resources

Explore our blogs, guides, case studies, eBooks, and more actionable insights to enhance your IT monitoring and observability.

View Resources
Learn

About us

Get to know LogicMonitor and our team.

About us
Get to know us
Services

Documentation

Read through our documentation, check out our latest release notes, or submit a ticket to our world-class customer service team.

View Resources
Support
TRY IT FREE
ON DEMAND DEMO

Product Documentation

About the Roles Resource

Last updated on 07 December, 2020

You can use LogicMonitor’s REST API to programmatically manage the user roles in your account.

Using LogicMonitor’s REST API, you can:

Note: As with all of our API calls, authentication is required.

Resource URI:

/setting/roles

Resource Properties:

All roles have the following properties:

Property

Description

Type
id The Id of the role Integer
name The name of the role String
description The description of the role String
customHelpLabel The label for the custom help URL as it will appear in the Help & Support dropdown menu String
customHelpURL The URL that should be added to the Help & Support dropdown menu String
associatedUserCount The number of users with this role applied Integer
requireEula Whether or not users assigned this role should be required to acknowledge the EULA (end user license agreement) Boolean
privileges The account privileges associated with the role. Privileges can be added to a role for each area of your account, where each privilege object has the following format:

 "privileges" : [ {
        "objectType" : "host_group",
        "objectId" : "*",
        "objectName" : "*",
        "operation" : "write"
      }, {
        "objectType" : "dashboard_group",
        "objectId" : "*",
        "objectName" : "*",
        "operation" : "write"
      }]
JSON Object
For each role, you can add as many (or few) privilege objects as you’d like. The following table indicates how to format the privilege objects for the different resources in your account:

Resource

objectType

objectId

objectName

operation

Example
Dashboards dashboard The id of the dashboard that the permission specified in operation should be granted for. A * can be used to indicate all dashboards. Note that you can only grant permissions for individual dashboards if they are ungrouped. You can find the id for a dashboard in the URL bar of your LogicMonitor account. Alternatively you can make a GET request to LogicMonitor’s REST API dashboards resource. The name of the dashboard that the permission specified in operation should be granted for. A * can be used to indicate all dashboards. write | read {

“objectType” : “dashboard”,

“objectId” : “32”,

“objectName” : “Resource Allocation”,

“operation” : “write”

}
Dashboard Groups dashboard_group The id of the dashboard group that the permission specified in operation should be granted for. A * can be used to indicate all groups. The name of the dashboard group that the permission specified in operation should be granted for. A * can be used to indicate all groups. write | read {

“objectType” : “dashboard_group”,

“objectId” : “*”,

“objectName” : “*”,

“operation” : “write”

}
Private Dashboards dashboard_group private private write (ability to create private dashboards) {

“objectType” : “dashboard_group”,

“objectId” : “private”,

“objectName” : “private”,

“operation” : “write”

}
Device Groups host_group The id of the device group that the permission specified in operation should be granted for. A * can be used to indicate all groups. You can find the id for a device group in the URL bar of your LogicMonitor account. Alternatively, you can make a GET request to LogicMonitor’s REST API device groups resource. The name of the device group that the permission specified in operation should be granted for. A * can be used to indicate all groups. write | read | ack {

“objectType” : “host_group”,

“objectId” : “*”,

“objectName” : “*”,

“operation” : “write”

}
Device Dashboards deviceDashboard leave blank deviceDashboard write {

“objectType” : “deviceDashboard”,

“objectId” : “”,

“objectName” : “deviceDashboard”,

“operation” : “write”

}
Configs Tab configNeedDeviceManagePermission leave blank configNeedDeviceManagePermission write {

“objectType” : “configNeedDeviceManagePermission”,

“objectId” : “”,

“objectName” : “configNeedDeviceManagePermission”,

“operation” : “write”

}
Remote Sessions remoteSession The id of the device group that the permission specified in operation should be granted for. A * can be used to indicate all groups. You can find the id for a device group in the URL bar of your LogicMonitor account. Alternatively, you can make a GET request to LogicMonitor’s REST API device group resource. The name of the device group(s) that the permission specified in operation should be granted for. A * can be used to indicate all groups. write {

“objectType” : “remoteSession”,

“objectId” : “*”,

“objectName” : “*”,

“operation” : “write”

}
Reports report_group The id of the report group that the permission specified in operation should be granted for. A * can be used to indicate all groups. You can find report group ids with a GET request to LogicMonitor’s REST API report groups resource. The name of the report group that the permission specified in operation should be granted for. A * can be used to indicate all groups. write | read {

“objectType” : “report_group”,

“objectId” : “*”,

“objectName” : “*”,

“operation” : “write”

}
Services service_group The id of the service group that the permission specified in operation should be granted for. A * can be used to indicate all groups. You can find service group ids with a GET request to LogicMonitor’s REST API service groups resource. The name of the service group that the permission specified in operation should be granted for. A * can be used to indicate all groups. write | read {

“objectType” : “service_group”,

“objectId” : “*”,

“objectName” : “*”,

“operation” : “write”
Settings setting The name of the settings section that the permission specified in operation should be granted for. A * can be used to indicate all sections. The settings sections are: accesslog, accountinfo, alert, collector.*, collectorgroup.groupId, datasource.*, integration, messagetemplate, useraccess.*, useraccess.personalinfo and useraccess.apitoken Same as objectId. The name of the settings section that the permission specified in operation should be granted for. A * can be used to indicate all sections. The settings sections are: accesslog, accountinfo, alert, collector.*, collectorgroup.groupId, datasource.*, integration, messagetemplate, useraccess.*, useraccess.personalinfo and useraccess.apitoken write | read
Note that only write is available for useraccess.personalinfo and useraccess.apitoken		 {

“objectType” : “setting”,

“objectId” : “collectorgroup.4”,

“objectName” : “win7a”,

“operation” : “read”

}
Help & Support Menu (? menu in your account) help The name of the Help & Support menu option that the permission specified in operation should be granted for. A * can be used to indicate all options. The Help & Support options are: document (Documentation), chat (Chat with Engineer), support (Support Request), and feedback (Feedback). help read (available for all resources except chat)
write (available for chat only)		 {

“objectType” : “help”,

“objectId” : “chat”,

“objectName” : “help”,

“operation” : “write”

}
In This Article

Start Your Trial

Full access to the LogicMonitor platform.
Comprehensive monitoring and alerting for unlimited devices.