You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The API user need to just activate the deactivated users. Providing 'EditUserConfiguration' will let them create admin users as well. Also we are doing password based authentication for API users which is not the most secure one. So good to restrict their access.
AC:
Create a privilege named 'Activate user'
It should have permission only to activate - not even to deactivate
Only users with the above privilege and EditUserConfiguration privilege should be able to call /api/user/enable
The text was updated successfully, but these errors were encountered:
Need:
The API user need to just activate the deactivated users. Providing 'EditUserConfiguration' will let them create admin users as well. Also we are doing password based authentication for API users which is not the most secure one. So good to restrict their access.
AC:
EditUserConfigurationprivilege should be able to call/api/user/enableThe text was updated successfully, but these errors were encountered: