Pipeline monitoring to API Access Only user

I am trying to access pipeline monitoring information using the SnapLogic public API. I am currently using the /api/1/rest/public/runtime/ endpoint. When I use my own user access the endpoint, I get back all information for our organization’s running and completed pipelines. When I use a new user with API Access Only, I get no results back from the pipeline monitoring endpoint. I have also made sure that the new user is in the same group as my personal user. It still doesn’t work. Am I missing something to setting up a user for API Access Only?

Does the API Access user have access to all the projects that you do?

@dmiller Yes. We are both members of a group called “developers”. We control access to our project spaces using this group.

I finally got a response back from SnapLogic support and, in my opinion, it isn’t ideal. In order for an API Only user to view executions of all pipelines via the Public API, that user must be an organization administrator. Giving the API Only user access to individual project spaces or directories doesn’t do anything.

Another fun tidbit, there is no way to view who is an organization administrator in the UI. Apparently, it can be done using the public API, but, in my experience, it didn’t return who was or wasn’t an org admin. Must be something only SnapLogic admins have access to.

@dmiller if this is incorrect in any way, please let me know, but this is my understanding.

I’m double checking with Engineering and Product Management on the first point.

And true, only org admins can see who are in the admin group within the UI. Would you want to see who were admins?

@dmiller I hit the /users/ endpoint in the public API using an admin user and still could not see the “organizations” data, which is where you can see if a user is an org admin or not.

You could check the membership of the “admins” group using the Group APIs (https://docs-snaplogic.atlassian.net/wiki/spaces/SD/pages/2439512114/Retrieve+Info+About+a+Group).

I’d have to look into the “organizations” data.

At our org we had setup an regular user specifically for reading the public API and gave read access to the folders we needed on.

I am an admin in my own, but our organization uses SSO to sign in to the platform. Because of this, I don’t really have access to what my password would be. What would be the best resolution for a scenario like this?