Replies: 1 comment 4 replies
-
|
I'm unable to reproduce this issue. If I don't assign edit on a model for a user, that user cannot do so even if they have write enabled on the token |
Beta Was this translation helpful? Give feedback.
-
|
@abhi1693 thanks. So even if they are able to select "Write Enabled" for their API Token, then the permissions will mirror their permissions. My question is then: Why have the option to select Write Enabled if the value will mirror the permissions, and just say something like "The API Token will mirror your permissions, if you need the ability to edit or write, you'll need to ensure that the user has the proper permissions." |
Beta Was this translation helpful? Give feedback.
-
|
You can think of it the other way round: this feature provides a short-cut way to create a read-only token, which has all the permissions of the user but with all write access stripped off. Otherwise there would need to be a more sophisticated mechanism for a user to be able to create a token with a chosen subset of the permissions that they have; or else you'd have to create a second user for this purpose. |
Beta Was this translation helpful? Give feedback.
-
|
@candlerb There are multiple ways to do this. It should definitely be clearly noted though, unless I missed where it said this in the documentation |
Beta Was this translation helpful? Give feedback.
-
|
https://docs.netbox.dev/en/stable/integrations/rest-api/#restricting-write-operations Seems pretty clear to me. |
Beta Was this translation helpful? Give feedback.
-
The request is NOT to provide a way to centralize management API Tokens for Non-administrative users. Rather, this is a request for a new idea for preventing users without edit access to create write enabled API Tokens.
Beta Was this translation helpful? Give feedback.
All reactions