Grant remote access permission

This API call grants remote access permission to a specific user. You can specify the user role, duration, and reason for remote access request. The request consumes and produces an application/json payload.

Authentication

To execute this request, you need one of the following API-Token scopes:

  • Cluster token management (ClusterTokenManagement)
  • Service Provider API (ServiceProviderAPI )
  • Nodekeeper access for node management (Nodekeeper)
    To learn how to obtain and use it, see Cluster API - Authentication.

Endpoint

/api/cluster/v2/remoteaccess/requests

Parameters

Parameter
Type
Description
In
Required
body

The JSON body of the request, containing parameters of access request.

body
optional

Request body objects

The CreateAccessRequestDto object

Access request data - format used to create a request

Element
Type
Description
Required
userId
string

User id

optional
reason
string

Request reason description

optional
requestedDays
integer

For how many days access is requested

optional
role
string

Requested role

  • devops-admin
  • devops-user
  • devops-viewer
optional

Request body JSON model

This is a model of the request body, showing the possible elements. It has to be adjusted for usage in an actual request.

{
  "userId": "string",
  "reason": "string",
  "requestedDays": 1,
  "role": "devops-admin"
}

Response

Response codes

Code
Type
Description
201

Successfully created

400
-

Invalid parameters

403
-

Approving remote access request is disabled

500
-

Operation failed

513
-

Mission Control is unavailable

Response body objects

The AccessRequestData object

Access Request data

Element
Type
Description
requestId
string

Request id

userId
string

User id

reason
string

Request reason description

requestedDays
integer

For how many days access is requested

role
string

Requested role

  • devops-admin
  • devops-user
  • devops-viewer
createdTimestamp
integer

Access request created at (timestamp)

expirationTimestamp
integer

Access expires at (timestamp)

state
string

Access request state

  • ACCEPTED
  • EXPIRED
  • PENDING
  • REJECTED
stateModifiedByUser
string

Access request state was modified by user

Response body JSON model

{
  "requestId": "string",
  "userId": "string",
  "reason": "string",
  "requestedDays": 1,
  "role": "devops-admin",
  "createdTimestamp": 1,
  "expirationTimestamp": 1,
  "state": "ACCEPTED",
  "stateModifiedByUser": "string"
}

Example

In this example, you grant the user john.smith@dynatrace.com a remote cluster permission with an admin role for 7 days.

Curl

curl -X POST "https://myManaged.cluster.com/api/cluster/v2/remoteaccess/requests"
          -H  "accept: application/json"
      -H  "Content-Type: */*"
      -d "{\"userId\":\"john.smith@dynatrace.com\",\"reason\":\"SUP-123456 Verifying cluster state after upgrade\",\"requestedDays\":7,\"role\":\"devops-admin\"}"

Request URL

https://myManaged.cluster.com/api/cluster/v2/remoteaccess/requests

Request body

{
  "userId": "john.smith@dynatrace.com",
  "reason": "SUP-123456 Verifying cluster state after upgrade",
  "requestedDays": 7,
  "role": "devops-admin"
}

Response body

{
  "requestId":"7a397770-86b7-473b-b23e-4a07d79f2eff",
  "userId":"john.smith@dynatrace.com",
  "reason":"SUP-123456 Verifying cluster state after upgrade",
  "requestedDays":7,
  "role":"devops-admin",
  "createdTimestamp":1586452866661,
  "expirationTimestamp":null,
  "state":"PENDING",
  "stateModifiedByUser":null
}

Response code

201