• Home
  • Dynatrace Managed
  • Cluster API
  • Cluster API v2
  • Remote access
  • Grant remote access permission

Grant remote access permission

This API call grants remote access permission to a specific user. You can specify the user role, duration, and reason for remote access request. The request consumes and produces an application/json payload.

Authentication

To execute this request, you need one of the following API-Token scopes:

  • Cluster token management (ClusterTokenManagement)
  • Service Provider API (ServiceProviderAPI )
  • Nodekeeper access for node management (Nodekeeper)
    To learn how to obtain and use it, see Cluster API - Authentication.

Endpoint

/api/cluster/v2/remoteaccess/requests

Parameters

ParameterTypeDescriptionInRequired
bodyCreateAccessRequestDto

The JSON body of the request, containing parameters of access request.

bodyoptional

Request body objects

The CreateAccessRequestDto object

Access request data - format used to create a request

ElementTypeDescriptionRequired
userIdstring

User id

optional
reasonstring

Request reason description

optional
requestedDaysinteger

For how many days access is requested

optional
rolestring

Requested role

The element can hold these values
  • devops-admin
  • devops-user
  • devops-viewer
optional

Request body JSON model

This is a model of the request body, showing the possible elements. It has to be adjusted for usage in an actual request.

json
{ "userId": "string", "reason": "string", "requestedDays": 1, "role": "devops-admin" }

Response

Response codes

CodeTypeDescription
201AccessRequestData

Successfully created

400

Invalid parameters

403

Approving remote access request is disabled

500

Operation failed

513

Mission Control is unavailable

Response body objects

The AccessRequestData object

Access Request data

ElementTypeDescription
requestIdstring

Request id

userIdstring

User id

reasonstring

Request reason description

requestedDaysinteger

For how many days access is requested

rolestring

Requested role

The element can hold these values
  • devops-admin
  • devops-user
  • devops-viewer
createdTimestampinteger

Access request created at (timestamp)

expirationTimestampinteger

Access expires at (timestamp)

statestring

Access request state

The element can hold these values
  • ACCEPTED
  • EXPIRED
  • PENDING
  • REJECTED
stateModifiedByUserstring

Access request state was modified by user

Response body JSON model

json
{ "requestId": "string", "userId": "string", "reason": "string", "requestedDays": 1, "role": "devops-admin", "createdTimestamp": 1, "expirationTimestamp": 1, "state": "ACCEPTED", "stateModifiedByUser": "string" }

Example

In this example, you grant the user john.smith@dynatrace.com a remote cluster permission with an admin role for 7 days.

Curl

bash
curl -X POST "https://myManaged.cluster.com/api/cluster/v2/remoteaccess/requests" -H "accept: application/json" -H "Content-Type: */*" -d "{\"userId\":\"john.smith@dynatrace.com\",\"reason\":\"SUP-123456 Verifying cluster state after upgrade\",\"requestedDays\":7,\"role\":\"devops-admin\"}"

Request URL

plaintext
https://myManaged.cluster.com/api/cluster/v2/remoteaccess/requests

Request body

json
{ "userId": "john.smith@dynatrace.com", "reason": "SUP-123456 Verifying cluster state after upgrade", "requestedDays": 7, "role": "devops-admin" }

Response body

json
{ "requestId":"7a397770-86b7-473b-b23e-4a07d79f2eff", "userId":"john.smith@dynatrace.com", "reason":"SUP-123456 Verifying cluster state after upgrade", "requestedDays":7, "role":"devops-admin", "createdTimestamp":1586452866661, "expirationTimestamp":null, "state":"PENDING", "stateModifiedByUser":null }

Response code

201