Grant remote access permission

This API call grants remote access permission to a specific user. You can specify the user role, duration, and reason for remote access request. The request consumes and produces an application/json payload.

Authentication

To execute this request, you need one of the following API-Token scopes:

Cluster token management (ClusterTokenManagement)
Service Provider API (ServiceProviderAPI )
Nodekeeper access for node management (Nodekeeper)
To learn how to obtain and use it, see Cluster API - Authentication.

Endpoint

/api/cluster/v2/remoteaccess/requests

Parameters

Parameter	Type	Description	In	Required
body	CreateAccessRequestDto	The JSON body of the request, containing parameters of access request.	body	optional

Request body objects

The `CreateAccessRequestDto` object

Access request data - format used to create a request

Element	Type	Description
userId	string	User id Can be `null`.
reason	string	Request reason description Can be `null`.
requestedDays	integer	For how many days access is requested Can be `null`.
role	string	Requested role The element can hold these values `devops-admin` `devops-user` `devops-viewer` Can be `null`.

Request body JSON model

This is a model of the request body, showing the possible elements. It has to be adjusted for usage in an actual request.

json
{
  "userId": "string",
  "reason": "string",
  "requestedDays": 1,
  "role": "devops-admin"
}

Response

Response codes

Code	Type	Description
201	AccessRequestData	Successfully created
400	-	Invalid parameters
403	-	Approving remote access request is disabled
500	-	Operation failed
513	-	Mission Control is unavailable

Response body objects

The `AccessRequestData` object

Access Request data

Element	Type	Description
requestId	string	Request id Can be `null`.
userId	string	User id Can be `null`.
reason	string	Request reason description Can be `null`.
requestedDays	integer	For how many days access is requested Can be `null`.
role	string	Requested role The element can hold these values `devops-admin` `devops-user` `devops-viewer` Can be `null`.
createdTimestamp	integer	Access request created at (timestamp) Can be `null`.
expirationTimestamp	integer	Access expires at (timestamp) Can be `null`.
state	string	Access request state The element can hold these values `ACCEPTED` `EXPIRED` `PENDING` `REJECTED` Can be `null`.
stateModifiedByUser	string	Access request state was modified by user Can be `null`.

Response body JSON model

json
{
  "requestId": "string",
  "userId": "string",
  "reason": "string",
  "requestedDays": 1,
  "role": "devops-admin",
  "createdTimestamp": 1,
  "expirationTimestamp": 1,
  "state": "ACCEPTED",
  "stateModifiedByUser": "string"
}

Example

In this example, you grant the user john.smith@dynatrace.com a remote cluster permission with an admin role for 7 days.

Curl

shell
curl -X POST "https://myManaged.cluster.com/api/cluster/v2/remoteaccess/requests"
          -H  "accept: application/json"
      -H  "Content-Type: */*"
      -d "{\"userId\":\"john.smith@dynatrace.com\",\"reason\":\"SUP-123456 Verifying cluster state after upgrade\",\"requestedDays\":7,\"role\":\"devops-admin\"}"

Request URL

plaintext
https://myManaged.cluster.com/api/cluster/v2/remoteaccess/requests

Request body

json
{
  "userId": "john.smith@dynatrace.com",
  "reason": "SUP-123456 Verifying cluster state after upgrade",
  "requestedDays": 7,
  "role": "devops-admin"
}

Response body

json
{
  "requestId":"7a397770-86b7-473b-b23e-4a07d79f2eff",
  "userId":"john.smith@dynatrace.com",
  "reason":"SUP-123456 Verifying cluster state after upgrade",
  "requestedDays":7,
  "role":"devops-admin",
  "createdTimestamp":1586452866661,
  "expirationTimestamp":null,
  "state":"PENDING",
  "stateModifiedByUser":null
}

Response code

201