Grant remote access permission

This API call grants remote access permission to a specific user. You can specify the user role, duration, and reason for remote access request. The request consumes and produces an application/json payload.

Authentication

To execute this request, you need one of the following API-Token scopes:

Cluster token management (ClusterTokenManagement)
Service Provider API (ServiceProviderAPI )
Nodekeeper access for node management (Nodekeeper)
To learn how to obtain and use it, see Cluster API - Authentication.

Endpoint

/api/cluster/v2/remoteaccess/requests

Parameters

Parameter	Type	Description	In	Required
body	CreateAccessRequestDto	The JSON body of the request, containing parameters of access request.	body	optional

Request body objects

The `CreateAccessRequestDto` object

Access request data - format used to create a request

Element	Type	Description	Required
userId	string	User id	optional
reason	string	Request reason description	optional
requestedDays	integer	For how many days access is requested	optional
role	string	Requested role The element can hold these values `devops-admin` `devops-user` `devops-viewer`	optional

Request body JSON model

This is a model of the request body, showing the possible elements. It has to be adjusted for usage in an actual request.

json
{
  "userId": "string",
  "reason": "string",
  "requestedDays": 1,
  "role": "devops-admin"
}

Response

Response codes

Code	Type	Description
201	AccessRequestData	Successfully created
400		Invalid parameters
403		Approving remote access request is disabled
500		Operation failed
513		Mission Control is unavailable

Response body objects

The `AccessRequestData` object

Access Request data

Element	Type	Description
requestId	string	Request id
userId	string	User id
reason	string	Request reason description
requestedDays	integer	For how many days access is requested
role	string	Requested role The element can hold these values `devops-admin` `devops-user` `devops-viewer`
createdTimestamp	integer	Access request created at (timestamp)
expirationTimestamp	integer	Access expires at (timestamp)
state	string	Access request state The element can hold these values `ACCEPTED` `EXPIRED` `PENDING` `REJECTED`
stateModifiedByUser	string	Access request state was modified by user

Response body JSON model

json
{
  "requestId": "string",
  "userId": "string",
  "reason": "string",
  "requestedDays": 1,
  "role": "devops-admin",
  "createdTimestamp": 1,
  "expirationTimestamp": 1,
  "state": "ACCEPTED",
  "stateModifiedByUser": "string"
}

Example

In this example, you grant the user john.smith@dynatrace.com a remote cluster permission with an admin role for 7 days.

Curl

bash
curl -X POST "https://myManaged.cluster.com/api/cluster/v2/remoteaccess/requests"
          -H  "accept: application/json"
      -H  "Content-Type: */*"
      -d "{\"userId\":\"john.smith@dynatrace.com\",\"reason\":\"SUP-123456 Verifying cluster state after upgrade\",\"requestedDays\":7,\"role\":\"devops-admin\"}"

Request URL

plaintext
https://myManaged.cluster.com/api/cluster/v2/remoteaccess/requests

Request body

json
{
  "userId": "john.smith@dynatrace.com",
  "reason": "SUP-123456 Verifying cluster state after upgrade",
  "requestedDays": 7,
  "role": "devops-admin"
}

Response body

json
{
  "requestId":"7a397770-86b7-473b-b23e-4a07d79f2eff",
  "userId":"john.smith@dynatrace.com",
  "reason":"SUP-123456 Verifying cluster state after upgrade",
  "requestedDays":7,
  "role":"devops-admin",
  "createdTimestamp":1586452866661,
  "expirationTimestamp":null,
  "state":"PENDING",
  "stateModifiedByUser":null
}

Response code

201