Permissions are assigned to roles. API keys, users and/or TLS certificates can be assigned to a given role. All API calls are authenticated using a role, i.e. either through the use of an API key, authenticated user or TLS certificate.
Permissions are typically granted for a specific virtual server. However, these can also be assigned globally across all virtual servers on the NS instance, granting the specified permission on every virtual server.
|*||Managing API keys of the authenticated role.|
|sessions||Day-to-day user interactions: logins, push logins, viewing user details and attributes, viewing account details, transactions.|
|users||User management, assigning roles to users.|
|servers||Management of virtual server attributes, viewing virtual server settings and permissions.|
|createserver||Updating virtual server settings, deleting virtual servers.|
|root||All of the above, granting permissions to roles.|
* No specific permission is required.
Global permissions are needed for the following actions:
|servers||Management of global attributes and privileged virtual server-specific attributes.|
|createserver||Creating a new virtual server on the nextAuth Server instance.|