Overview
Suggest changes
The NetApp Console identity and access management (IAM) service provides a centralized point for managing customer and partner information. IAM endpoints enable you to manage and control access to the Console resources.
If you're using the Console in standard mode, you no longer have a NetApp Console account. Instead, you have an organization in the Console that you manage using IAM.
The following six components are defined within the IAM service.
-
hierarchy
-
permission
-
partnership
-
resource and resourcegroup
-
role
-
user and usergroup
IAM uses predefined roles that include sets of permissions which are required to manage and view data. You can have multiple roles within the same organization or set of resources. You should verify that you have the appropriate permissions when using IAM API endpoints. With the appropriate permissions, you can manage an organization hierarchy modeled as folders (subdivisions of an organization using criteria such as department or region) and projects (a workspace in the Console). After organizing your resources into folders and projects, you can grant granular access to resources by providing organization members with permissions to specific folders and projects.
The actions available through the IAM REST API are a superset of what's available through the web UI.
Note: Before using the API reference documentation, review the Get started section for the Console APIs. For more information about the security tokens and identifiers you'll need when using the API, review the Common workflows and tasks section.
REST implementation
HTTP methods
| Method | Description |
|---|---|
|
Create an object instance |
|
Retrieve an object instance or collection |
|
Update specific fields of an existing resource instance based on the supplied input values |
|
Update an existing resource instance based on the supplied input values |
|
Remove an existing object |
Request headers
| Request Header | Description |
|---|---|
|
Required. Contains a JWT access token |
Query parameters
You can use query parameters with endpoints in the following components:
| Component | Query Parameter |
|---|---|
Hierarchy |
filter, skip, include, orderBy, limit, count, continue, metadata, links |
Permission |
filter, skip, include, orderBy, limit, count, continue, metadata, links |
Resource and resourcegroup |
filter, skip, include, orderBy, limit, count, continue, metadata, links |
Role |
filter, skip, include, orderBy, limit, count, continue, metadata, links |
User and usergroup |
filter, skip, include, orderBy, limit, count, continue, metadata, links |
Response headers
This API uses the standard HTTP response headers common with all APIs in the Console. See REST implementation for more information.
HTTP status codes
| HTTP Status Code | Description |
|---|---|
|
OK: Returned for successful operation completion |
|
The resource was successfully created. |
|
The operation was completed successfully and the server did not send a response message. |
|
Bad Request: Returned if the input is malformed and could not be parsed |
|
Unauthorized: Returned if user authentication failed or the token has expired |
|
Forbidden: Returned for authorization errors depending on the resource and token |
Error handling
The following processes are involved with error handling and processing.
-
The error is logged for supportability
-
The error is also returned to the caller for any specific handling