Permissions⚓︎
Roles⚓︎
Permissions are assigned to roles. API keys, users and/or TLS certificates can be assigned to a given role. All API calls are authenticated using a role, i.e. either through the use of an API key, authenticated user or TLS certificate.
ACL⚓︎
Permissions are typically granted for a specific virtual server. However, these can also be assigned globally across all virtual servers on the NS instance, granting the specified permission on every virtual server.
| Permission | Actions |
|---|---|
| * | Managing API keys of the authenticated role. |
| sessions | Day-to-day user interactions: logins, push logins, viewing user details and attributes, viewing account details, transactions. |
| users | User management, assigning roles to users. |
| accounts | Account management. |
| servers | Management of virtual server attributes, viewing virtual server settings and permissions. |
| createserver | Updating virtual server settings, deleting virtual servers. |
| root | All of the above, granting permissions to roles. |
* No specific permission is required.
Global permissions are needed for the following actions:
| Global Permission | Actions |
|---|---|
| servers | Management of global attributes and privileged virtual server-specific attributes. |
| createserver | Creating a new virtual server on the nextAuth Server instance. |