Forum Discussion

ebroyles's avatar
ebroyles
Maven
8 years ago

Why is the "Update Communities" permission required to view API Browser?

I learned today from a support case I opened that granting developers the "API Browser" and the "View Studio in read-only mode" permissions did not actually enable them to view the API Browser. I had to grant the "Update Communities" permission as well, and then they could access it.

 

This seems strange and unintuitive to me, since Update Communities is really intended as an admin permission (per the tooltip) and API Browser is needed for developers (who may not need to be admins).

 

I would prefer (and I think it makes more sense, unless I'm missing something) that the permissions be more granular so that Granting API Browser would actually do so.

 

Thanks to DereckC for troubleshooting this and finding the solution (for now) to get my developers access to the API Browser.

 

  • DougS's avatar
    DougS
    8 years ago

    Hi Eric,

     

    Thank you for reporting this. I tested it out myself, and sure enough, there is a bug here.

     

    There is a permission for using the API browser called "Use the API Browser":

     

     

    Granting that permission should be the only thing you need to do to enable them to use the api browser tab.

     

    I filed a bug to fix this and have fixed it so that all you should need to do is add them to a role that has the "User the API browser" permission. This fix should go into our version 17.8 release.

     

    Thanks,

     

    -Doug

  • DougS's avatar
    DougS
    Khoros Oracle
    8 years ago

    Hi Eric,

     

    Thank you for reporting this. I tested it out myself, and sure enough, there is a bug here.

     

    There is a permission for using the API browser called "Use the API Browser":

     

     

    Granting that permission should be the only thing you need to do to enable them to use the api browser tab.

     

    I filed a bug to fix this and have fixed it so that all you should need to do is add them to a role that has the "User the API browser" permission. This fix should go into our version 17.8 release.

     

    Thanks,

     

    -Doug

    • Jaime_Lee's avatar
      Jaime_Lee
      Maven
      6 years ago

      ChadB  Just because I like asking you questions (and how you answer) or DougS who was the last one to leave a reply on this subject.

       

      I have a developer asking me to grant this request

      Could you please also give the “Use REST API browser” role and the "URL to access API Browser in Studio."

      How do I do this?  I do not see this as a permission under user permissions,

       

      I only see:

       

      REST API

      Make REST API V1 calls with read access,

      Make REST API V1 calls,

      View Action Logs,

      and Manage API Apps

       

      I have not read the developer documentation in detail.  Will this be sufficient for his requests/

       

      Thank you!

       

      Jaime Lee

       

      Make REST API V1 calls that read data from the community. (Default = Deny; recommended for Admins)

      View logs related to REST API activities. (Default = Deny; recommended for Admins)
      • DougS's avatar
        DougS
        Khoros Oracle
        6 years ago

        Hi Jaime_Lee,

        The permission will only show up on your stage site. You need to go to Admin > Users > Permissions and you will see it (under the "Studio" section):

        I recommend creating a role and granting the permission to that role, then adding the user to the role.

        -Doug