cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

AppPortal API Permission

On documentation of App Portal 2019, FNMS Integration tab, it is mentioned that we need to restrict the permission of "http://server/esd/api.asmx"

Enable App Portal API (http://server/esd/api.asmx) You should modify NTFS Permissions on the api.asmx file to prevent unauthorized access prior to enabling the API.
  

But, I am not able to find which accounts should have permissions on the documentation. Anyone has information on this?

(1) Solution
CharlesW
By Level 12 Flexeran
Level 12 Flexeran

It sounds as if you may not even be using the API, so in reality, you do not need to worry about this.. If you are not using the API, then go to settings ->flexera integration, and deselect the "Enable App Portal API" checkbox.. The API can not be used then.. App Portal does not call into it's own web service API calls, so unless you are using it, you do not need to enable it. If there comes a time where you need access to the API, then you can provide permissions to those accounts that need access.  

 I've had some luck in using the following location tag, added to web.config, to enable access for specific users. the following example will block all users from accessing API.asmx, except for "support\CharlesW".

 

<location path="API.asmx">

    <system.web>

      <authorization>

                    <allow users="support\CharlesW" />

                    <deny users="*" />

      </authorization>

    </system.web>

  </location>

View solution in original post

(1) Reply
CharlesW
By Level 12 Flexeran
Level 12 Flexeran

It sounds as if you may not even be using the API, so in reality, you do not need to worry about this.. If you are not using the API, then go to settings ->flexera integration, and deselect the "Enable App Portal API" checkbox.. The API can not be used then.. App Portal does not call into it's own web service API calls, so unless you are using it, you do not need to enable it. If there comes a time where you need access to the API, then you can provide permissions to those accounts that need access.  

 I've had some luck in using the following location tag, added to web.config, to enable access for specific users. the following example will block all users from accessing API.asmx, except for "support\CharlesW".

 

<location path="API.asmx">

    <system.web>

      <authorization>

                    <allow users="support\CharlesW" />

                    <deny users="*" />

      </authorization>

    </system.web>

  </location>