Grant remote access permission
This API call grants remote access permission to a specific user. You can specify the user role, duration, and reason for remote access request. The request consumes and produces an application/json payload.
Authentication
To execute this request, you need one of the following API-Token scopes:
- Cluster token management (
ClusterTokenManagement) - Service Provider API (
ServiceProviderAPI) - Nodekeeper access for node management (
Nodekeeper)
To learn how to obtain and use it, see Cluster API - Authentication.
Endpoint
/api/cluster/v2/remoteaccess/requests
Parameters
| Parameter | Type | Description | In | Required |
|---|---|---|---|---|
| body | CreateAccessRequestDto | The JSON body of the request, containing parameters of access request. | body | optional |
Request body objects
The CreateAccessRequestDto object
Access request data - format used to create a request
| Element | Type | Description | Required |
|---|---|---|---|
| userId | string | User id | optional |
| reason | string | Request reason description | optional |
| requestedDays | integer | For how many days access is requested | optional |
| role | string | Requested role
| optional |
Request body JSON model
This is a model of the request body, showing the possible elements. It has to be adjusted for usage in an actual request.
{"userId": "string","reason": "string","requestedDays": 1,"role": "devops-admin"}
Response
Response codes
| Code | Type | Description |
|---|---|---|
| 201 | AccessRequestData | Successfully created |
| 400 | - | Invalid parameters |
| 403 | - | Approving remote access request is disabled |
| 500 | - | Operation failed |
| 513 | - | Mission Control is unavailable |
Response body objects
The AccessRequestData object
Access Request data
| Element | Type | Description |
|---|---|---|
| requestId | string | Request id |
| userId | string | User id |
| reason | string | Request reason description |
| requestedDays | integer | For how many days access is requested |
| role | string | Requested role
|
| createdTimestamp | integer | Access request created at (timestamp) |
| expirationTimestamp | integer | Access expires at (timestamp) |
| state | string | Access request state
|
| stateModifiedByUser | string | Access request state was modified by user |
Response body JSON model
{"requestId": "string","userId": "string","reason": "string","requestedDays": 1,"role": "devops-admin","createdTimestamp": 1,"expirationTimestamp": 1,"state": "ACCEPTED","stateModifiedByUser": "string"}
Example
In this example, you grant the user john.smith@dynatrace.com a remote cluster permission with an admin role for 7 days.
Curl
curl -X POST "https://myManaged.cluster.com/api/cluster/v2/remoteaccess/requests"-H "accept: application/json"-H "Content-Type: */*"-d "{\"userId\":\"john.smith@dynatrace.com\",\"reason\":\"SUP-123456 Verifying cluster state after upgrade\",\"requestedDays\":7,\"role\":\"devops-admin\"}"
Request URL
https://myManaged.cluster.com/api/cluster/v2/remoteaccess/requests
Request body
{"userId": "john.smith@dynatrace.com","reason": "SUP-123456 Verifying cluster state after upgrade","requestedDays": 7,"role": "devops-admin"}
Response body
{"requestId":"7a397770-86b7-473b-b23e-4a07d79f2eff","userId":"john.smith@dynatrace.com","reason":"SUP-123456 Verifying cluster state after upgrade","requestedDays":7,"role":"devops-admin","createdTimestamp":1586452866661,"expirationTimestamp":null,"state":"PENDING","stateModifiedByUser":null}
Response code
201