Background: I work for an MSP in a sysadmin role so please forgive my limited dev skills. I'm looking at using the Unity API to integrate Webroot endpoint data into a LOB application. I have experience with making REST API calls via PowerShell to set custom properties and variables based on response data.
I can create an API key in our GSM, but I'm not seeing any options to restrict the key to specific sites, datasets, read-only, etc permissions. Ideally, I'd like to limit key permissions to only allow a specific user account to make 'GET SkyStatus' calls to endpoints in a single site. If possible, I'd also like to restrict API key usage to a specific IP address.
Can anyone provide further guidance on hardening GSM console security when using the Unity API?
Already have an account? Login
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.
Does that make sense?