# UI Access ### Pages Below you can find the list of pages available on the Admin-UI along side the optional and required permissions to access them. #### Data **Data Explorer** `/data/explorer` **Required permissions** * [Subscribing to MQTT Topics](#subscribing-to-mqtt-topics) **Optional permissions** * [Loading Connectware’s topics](#loading-connectwares-topics) #### Services **Deviated Services** `/services/deviated` **Required permissions** * [Detecting and listing deviations](#detecting-and-listing-deviations) **Optional permissions** * [Loading service’s details](#loading-services-details) **Rule Sandbox** `/services/rule-engine-sandbox` **Required permissions** * [Subscribing to MQTT Topics](#subscribing-to-mqtt-topics) **Optional permissions** * [Listing CW’s resources on the Rule Sandbox](#listing-cws-resources-on-the-rule-sandbox) **Service Catalog** `/services/catalog` **Required permissions** * [Creating or updating services](#creating-or-updating-services) * [Loading service’s catalog metadata](#loading-services-catalog-metadata) **Service Logs** `/services/logs` **Required permissions** * [Loading logs](#loading-logs) **Service Overview** `/services/overview` **Required permissions** * [Loading services](#loading-services) **Optional permissions** * [Creating or updating services](#creating-or-updating-services) * [Loading service’s details](#loading-services-details) * [Managing services](#managing-services) **Edit template** `/services/edit-template` **Required permissions** * [Edit service templates](#edit-service-templates) **Service Details** `/services/overview/:serviceId` **Required permissions** * [Loading service’s details](#loading-services-details) **Optional permissions** * In order to **create and update services** the following permissions are required: * [Creating or updating services](#creating-or-updating-services) * [Load service’s commissioning file](#load-services-commissioning-file) * In order to **use service\`s Live Data** the following permissions are required: * [Loading service’s Live Data](#loading-services-live-data) * [Subscribing to MQTT Topics](#subscribing-to-mqtt-topics) * [Load service’s commissioning file](#load-services-commissioning-file) * [Loading connections](#loading-connections) * [Loading endpoints](#loading-endpoints) * [Loading logs](#loading-logs) * [Loading mappings](#loading-mappings) * [Loading nodes](#loading-nodes) * [Loading servers](#loading-servers) * [Loading service containers](#loading-service-containers) * [Loading volumes](#loading-volumes) * [Managing services](#managing-services) **Connection** `/services/overview/:serviceId/connections/:resourceId` **Required permissions** * [Loading connection’s details](#loading-connections-details) **Optional permissions** * [Loading logs](#loading-logs) * [Managing connections](#managing-connections) **Container** `/services/overview/:serviceId/containers/:resourceId` **Required permissions** * [Loading service container’s details](#loading-service-containers-details) **Optional permissions** * [Loading logs](#loading-logs) * [Managing service containers](#managing-service-containers) **Endpoint** `/services/overview/:serviceId/endpoints/:resourceId` **Required permissions** * [Loading endpoint’s details](#loading-endpoints-details) **Optional permissions** * [Loading logs](#loading-logs) * [Managing endpoints](#managing-endpoints) **Mapping** `/services/overview/:serviceId/mappings/:resourceId` **Required permissions** * [Loading mapping’s details](#loading-mappings-details) **Optional permissions** * [Loading logs](#loading-logs) * [Managing mappings](#managing-mappings) * [Subscribing to MQTT Topics](#subscribing-to-mqtt-topics) **Server** `/services/overview/:serviceId/servers/:resourceId` **Required permissions** * [Loading server’s details](#loading-servers-details) **Optional permissions** * [Loading logs](#loading-logs) * [Loading nodes](#loading-nodes) * [Managing servers](#managing-servers) **Volume** `/services/overview/:serviceId/volumes/:resourceId` **Required permissions** * [Loading volume’s details](#loading-volumes-details) **Optional permissions** * [Loading logs](#loading-logs) * [Managing volumes](#managing-volumes) **Service Resources** `/services/resources` **Required permissions** Fulfill any of the required permissions below and **Service Resources** will be available * [Loading connections](#loading-connections) * [Loading endpoints](#loading-endpoints) * [Loading mappings](#loading-mappings) * [Loading nodes](#loading-nodes) * [Loading servers](#loading-servers) * [Loading service containers](#loading-service-containers) * [Loading services](#loading-services) * [Loading volumes](#loading-volumes) **Optional permissions** * [Loading connection’s details](#loading-connections-details) * [Loading endpoint’s details](#loading-endpoints-details) * [Loading mapping’s details](#loading-mappings-details) * [Loading server’s details](#loading-servers-details) * [Loading service container’s details](#loading-service-containers-details) * [Loading service’s details](#loading-services-details) * [Loading volume’s details](#loading-volumes-details) * [Managing connections](#managing-connections) * [Managing endpoints](#managing-endpoints) * [Managing mappings](#managing-mappings) * [Managing servers](#managing-servers) * [Managing service containers](#managing-service-containers) * [Managing volumes](#managing-volumes) **Connections** `/services/resources/connections` **Required permissions** * [Loading connections](#loading-connections) **Optional permissions** * [Loading connection’s details](#loading-connections-details) * [Managing connections](#managing-connections) **Connection** `/services/resources/connections/:resourceId` **Required permissions** * [Loading connection’s details](#loading-connections-details) **Optional permissions** * [Loading logs](#loading-logs) * [Managing connections](#managing-connections) **Containers** `/services/resources/containers` **Required permissions** * [Loading service containers](#loading-service-containers) **Optional permissions** * [Loading service container’s details](#loading-service-containers-details) * [Managing service containers](#managing-service-containers) **Container** `/services/resources/containers/:resourceId` **Required permissions** * [Loading service container’s details](#loading-service-containers-details) **Optional permissions** * [Loading logs](#loading-logs) * [Managing service containers](#managing-service-containers) **Endpoints** `/services/resources/endpoints` **Required permissions** * [Loading endpoints](#loading-endpoints) **Optional permissions** * [Loading endpoint’s details](#loading-endpoints-details) * [Managing endpoints](#managing-endpoints) **Endpoint** `/services/resources/endpoints/:resourceId` **Required permissions** * [Loading endpoint’s details](#loading-endpoints-details) **Optional permissions** * [Loading logs](#loading-logs) * [Managing endpoints](#managing-endpoints) **Mappings** `/services/resources/mappings` **Required permissions** * [Loading mappings](#loading-mappings) **Optional permissions** * [Loading mapping’s details](#loading-mappings-details) * [Managing mappings](#managing-mappings) **Mapping** `/services/resources/mappings/:resourceId` **Required permissions** * [Loading mapping’s details](#loading-mappings-details) **Optional permissions** * [Loading logs](#loading-logs) * [Managing mappings](#managing-mappings) * [Subscribing to MQTT Topics](#subscribing-to-mqtt-topics) **Nodes** `/services/resources/nodes` **Required permissions** * [Loading nodes](#loading-nodes) **Servers** `/services/resources/servers` **Required permissions** * [Loading servers](#loading-servers) **Optional permissions** * [Loading server’s details](#loading-servers-details) * [Managing servers](#managing-servers) **Server** `/services/resources/servers/:resourceId` **Required permissions** * [Loading server’s details](#loading-servers-details) **Optional permissions** * [Loading logs](#loading-logs) * [Loading nodes](#loading-nodes) * [Managing servers](#managing-servers) **Service Links** `/services/resources/links` **Required permissions** * [Loading services](#loading-services) **Optional permissions** * [Loading service’s details](#loading-services-details) **Service Details** `/services/resources/service/:resourceId` **Required permissions** * [Loading service’s details](#loading-services-details) **Optional permissions** * In order to **create and update services** the following permissions are required: * [Creating or updating services](#creating-or-updating-services) * [Load service’s commissioning file](#load-services-commissioning-file) * In order to **use service\`s Live Data** the following permissions are required: * [Loading service’s Live Data](#loading-services-live-data) * [Subscribing to MQTT Topics](#subscribing-to-mqtt-topics) * [Load service’s commissioning file](#load-services-commissioning-file) * [Loading connections](#loading-connections) * [Loading endpoints](#loading-endpoints) * [Loading logs](#loading-logs) * [Loading mappings](#loading-mappings) * [Loading nodes](#loading-nodes) * [Loading servers](#loading-servers) * [Loading service containers](#loading-service-containers) * [Loading volumes](#loading-volumes) * [Managing services](#managing-services) **Volumes** `/services/resources/volumes` **Required permissions** * [Loading volumes](#loading-volumes) **Optional permissions** * [Loading volume’s details](#loading-volumes-details) * [Managing volumes](#managing-volumes) **Volume** `/services/resources/volumes/:resourceId` **Required permissions** * [Loading volume’s details](#loading-volumes-details) **Optional permissions** * [Loading logs](#loading-logs) * [Managing volumes](#managing-volumes) #### Settings **Login** `/settings/login` **Optional permissions** * In order to **manage your password** the following permissions are required: * [Managing your own password](#managing-your-own-password) * [Retrieving CW’s password policy](#retrieving-cws-password-policy) * [Use Multi-factor authentication](#use-multi-factor-authentication) #### System **System Status** `/system/status` **Required permissions** Fulfill any of the required permissions below and **System Status** will be available * [Loading Connectware’s metrics](#loading-connectwares-metrics) * [Loading Connectware’s system information](#loading-connectwares-system-information) * [Loading agents](#loading-agents) * [Loading core containers](#loading-core-containers) **Optional permissions** * [Loading core container’s details](#loading-core-containers-details) * [Loading services](#loading-services) * [Managing Connectware’s license](#managing-connectwares-license) * [Managing Connectware’s metrics](#managing-connectwares-metrics) * [Managing agents](#managing-agents) * [Managing core containers](#managing-core-containers) **Agents** `/system/status/agents` **Required permissions** * [Loading agents](#loading-agents) **Optional permissions** * [Managing agents](#managing-agents) **Internet Connectivity** `/system/status/internet-connectivity` **Required permissions** * [Loading Connectware’s system information](#loading-connectwares-system-information) **License** `/system/status/license` **Required permissions** * [Loading Connectware’s system information](#loading-connectwares-system-information) **Optional permissions** * [Managing Connectware’s license](#managing-connectwares-license) **Metrics** `/system/status/metrics` **Required permissions** * [Loading Connectware’s metrics](#loading-connectwares-metrics) **Optional permissions** * [Managing Connectware’s metrics](#managing-connectwares-metrics) **System Container** `/system/status/container` **Required permissions** * [Loading core containers](#loading-core-containers) **Optional permissions** * [Loading core container’s details](#loading-core-containers-details) * [Managing core containers](#managing-core-containers) **Container** `/system/status/container/:resourceId` **Required permissions** * [Loading core container’s details](#loading-core-containers-details) **Optional permissions** * [Loading logs](#loading-logs) * [Managing core containers](#managing-core-containers) **System Information** `/system/status/information` **Required permissions** * [Loading Connectware’s system information](#loading-connectwares-system-information) **Optional permissions** * [Loading services](#loading-services) #### User **Client Registry** `/user/client-registry` **Required permissions** * [Managing the client registry](#managing-the-client-registry) **User Certificates** `/user/certificates` **Required permissions** * [Managing certificates](#managing-certificates) **User Management** **Permissions** `/user/management/permissions` **Required permissions** * [Managing permissions](#managing-permissions) **Roles** `/user/management/roles` **Required permissions** * [Load configuration needed to manage users and roles](#load-configuration-needed-to-manage-users-and-roles) * [Managing roles](#managing-roles) **Users** `/user/management/users` **Required permissions** * [Load configuration needed to manage users and roles](#load-configuration-needed-to-manage-users-and-roles) * [Managing users](#managing-users) * [Retrieving CW’s password policy](#retrieving-cws-password-policy) * [Retrieving CW’s username policy](#retrieving-cws-username-policy) ### Permissions Below you can find the alternative permissions that can be assigned to users and roles in order to enable them to perform actions on the Admin UI. #### Creating or updating services | Resource | Context | Operation | | -------------------------------- | ------- | --------- | | `/api/services/parametersSchema` | `http` | `write` | | `/api/services` | `http` | `write` | | `/api/v2/services/+` | `http` | `write` | #### Detecting and listing deviations | Resource | Context | Operation | | ---------------------------------------------- | ------- | --------- | | `/api/v2/resources/states/deviations/count` | `http` | `read` | | `/api/v2/resources/states/deviations/services` | `http` | `read` | | `/api/v2/resources/states/deviations` | `http` | `read` | | `/api/v2/services/+` | `http` | `read` | #### Edit service templates | Resource | Context | Operation | | ------------------------ | ------- | --------- | | `/api/resources/schemas` | `http` | `read` | | `/api/validate/service` | `http` | `write` | #### Listing CW’s resources on the Rule Sandbox | Resource | Context | Operation | | ------------------- | ------- | --------- | | `/api/v2/resources` | `http` | `read` | #### Load configuration needed to manage users and roles | Resource | Context | Operation | | ---------------- | ------- | --------- | | `/api/auth/ldap` | `http` | `read` | | `/api/auth/mfa` | `http` | `read` | #### Load service’s commissioning file | Resource | Context | Operation | | --------------------------------------------- | ------- | --------- | | `/api/v2/services/+/serviceCommissioningFile` | `http` | `read` | #### Loading agents | Resource | Context | Operation | | -------------------------- | ------- | --------- | | `/api/v2/resource-runners` | `http` | `read` | #### Loading connection’s details | Resource | Context | Operation | | -------------------------- | ------- | --------- | | `/api/v2/resources/+` | `http` | `read` | | `/api/v2/resources/states` | `http` | `read` | #### Loading connections | Resource | Context | Operation | | ------------------------------------------- | ------- | --------- | | `/api/v2/resources/states/deviations/count` | `http` | `read` | | `/api/v2/resources/states` | `http` | `read` | | `/api/v2/resources` | `http` | `read` | | `/api/v2/services/+/resources` | `http` | `read` | #### Loading Connectware’s metrics | Resource | Context | Operation | | ----------------------- | ------- | --------- | | `/api/system/metrics` | `http` | `read` | | `/api/system/preflight` | `http` | `read` | #### Loading Connectware’s system information | Resource | Context | Operation | | ----------------------- | ------- | --------- | | `/api/system/info` | `http` | `read` | | `/api/system/preflight` | `http` | `read` | #### Loading Connectware’s topics | Resource | Context | Operation | | ---------------------------- | ------- | --------- | | `/api/v2/mqtt/topics/levels` | `http` | `read` | #### Loading core container’s details | Resource | Context | Operation | | -------------------------------- | ------- | --------- | | `/api/core-containers/+/inspect` | `http` | `read` | #### Loading core containers | Resource | Context | Operation | | ----------------------------------- | ------- | --------- | | `/api/core-containers/+/inspect` | `http` | `read` | | `/api/core-containers/orchestrator` | `http` | `read` | | `/api/core-containers` | `http` | `read` | #### Loading endpoint’s details | Resource | Context | Operation | | -------------------------- | ------- | --------- | | `/api/v2/resources/+` | `http` | `read` | | `/api/v2/resources/states` | `http` | `read` | #### Loading endpoints | Resource | Context | Operation | | ------------------------------------------- | ------- | --------- | | `/api/v2/resources/states/deviations/count` | `http` | `read` | | `/api/v2/resources/states` | `http` | `read` | | `/api/v2/resources` | `http` | `read` | | `/api/v2/services/+/resources` | `http` | `read` | #### Loading logs | Resource | Context | Operation | | ----------------------------------- | ------- | --------- | | `/api/core-containers/+/logs` | `http` | `read` | | `/api/core-containers/orchestrator` | `http` | `read` | | `/api/core-containers` | `http` | `read` | | `/api/v2/resources/+` | `http` | `read` | #### Loading mapping’s details | Resource | Context | Operation | | -------------------------- | ------- | --------- | | `/api/v2/resources/+` | `http` | `read` | | `/api/v2/resources/states` | `http` | `read` | #### Loading mappings | Resource | Context | Operation | | ------------------------------------------- | ------- | --------- | | `/api/v2/resources/states/deviations/count` | `http` | `read` | | `/api/v2/resources/states` | `http` | `read` | | `/api/v2/resources` | `http` | `read` | | `/api/v2/services/+/resources` | `http` | `read` | #### Loading nodes | Resource | Context | Operation | | ------------------------------------------- | ------- | --------- | | `/api/v2/resources/states/deviations/count` | `http` | `read` | | `/api/v2/resources/states` | `http` | `read` | | `/api/v2/resources` | `http` | `read` | | `/api/v2/services/+/resources` | `http` | `read` | #### Loading server’s details | Resource | Context | Operation | | -------------------------- | ------- | --------- | | `/api/v2/resources/+` | `http` | `read` | | `/api/v2/resources/states` | `http` | `read` | #### Loading servers | Resource | Context | Operation | | ------------------------------------------- | ------- | --------- | | `/api/v2/resources/states/deviations/count` | `http` | `read` | | `/api/v2/resources/states` | `http` | `read` | | `/api/v2/resources` | `http` | `read` | | `/api/v2/services/+/resources` | `http` | `read` | #### Loading service container’s details | Resource | Context | Operation | | --------------------------- | ------- | --------- | | `/api/containers/+/inspect` | `http` | `read` | #### Loading service containers | Resource | Context | Operation | | ------------------------------ | ------- | --------- | | `/api/containers/+/inspect` | `http` | `read` | | `/api/containers/orchestrator` | `http` | `read` | | `/api/containers` | `http` | `read` | #### Loading service’s catalog metadata | Resource | Context | Operation | | --------------------------- | ------- | --------- | | `/api/marketplace/app/meta` | `http` | `read` | | `/api/marketplace/app` | `http` | `read` | | `/api/marketplace/apps` | `http` | `read` | #### Loading service’s details | Resource | Context | Operation | | ------------------------------------------- | ------- | --------- | | `/api/services/+/dependencies` | `http` | `read` | | `/api/services/all-links` | `http` | `read` | | `/api/v2/resources/states/deviations/count` | `http` | `read` | | `/api/v2/services/+` | `http` | `read` | #### Loading service’s Live Data | Resource | Context | Operation | | ------------------------------ | ------- | --------- | | `/api/v2/services/+/resources` | `http` | `read` | #### Loading services | Resource | Context | Operation | | ------------------------------------------- | ------- | --------- | | `/api/services/all-links` | `http` | `read` | | `/api/v2/resources/states/deviations/count` | `http` | `read` | | `/api/v2/services/stats/count` | `http` | `read` | | `/api/v2/services` | `http` | `read` | #### Loading volume’s details | Resource | Context | Operation | | ------------------------ | ------- | --------- | | `/api/volumes/+/inspect` | `http` | `read` | #### Loading volumes | Resource | Context | Operation | | -------------- | ------- | --------- | | `/api/volumes` | `http` | `read` | #### Managing agents | Resource | Context | Operation | | -------------------------- | ------- | --------- | | `/api/resources/runners/+` | `http` | `write` | #### Managing certificates | Resource | Context | Operation | | --------------------------- | ------- | ----------- | | `/api/certificates/content` | `http` | `read` | | `/api/certificates` | `http` | `readWrite` | #### Managing connections | Resource | Context | Operation | | ------------------------------- | ------- | --------- | | `/api/v2/resources/+/operation` | `http` | `write` | #### Managing Connectware’s license | Resource | Context | Operation | | ------------------------- | ------- | --------- | | `/api/system/licensefile` | `http` | `write` | | `/api/system/refresh` | `http` | `read` | #### Managing Connectware’s metrics | Resource | Context | Operation | | --------------------- | ------- | --------- | | `/api/system/metrics` | `http` | `write` | #### Managing core containers | Resource | Context | Operation | | ---------------------------------- | ------- | --------- | | `/api/core-containers/+/operation` | `http` | `write` | #### Managing endpoints | Resource | Context | Operation | | ------------------------------- | ------- | --------- | | `/api/v2/resources/+/operation` | `http` | `write` | #### Managing mappings | Resource | Context | Operation | | ------------------------------- | ------- | --------- | | `/api/v2/resources/+/operation` | `http` | `write` | #### Managing permissions | Resource | Context | Operation | | ----------------------- | ------- | --------- | | `/api/permissions/ids` | `http` | `read` | | `/api/permissions/page` | `http` | `read` | #### Managing roles | Resource | Context | Operation | | ------------------ | ------- | --------- | | `/api/roles/+` | `http` | `write` | | `/api/roles/names` | `http` | `read` | | `/api/roles/page` | `http` | `read` | | `/api/roles` | `http` | `write` | #### Managing servers | Resource | Context | Operation | | ------------------------------- | ------- | --------- | | `/api/v2/resources/+/operation` | `http` | `write` | #### Managing service containers | Resource | Context | Operation | | ----------------------------- | ------- | --------- | | `/api/containers/+/operation` | `http` | `write` | #### Managing services | Resource | Context | Operation | | --------------------------- | ------- | --------- | | `/api/services/+/operation` | `http` | `write` | | `/api/services/+` | `http` | `write` | #### Managing the client registry | Resource | Context | Operation | | ------------------------------ | ------- | --------- | | `/api/client-registry/confirm` | `http` | `write` | | `/api/client-registry/lock` | `http` | `write` | | `/api/client-registry/open` | `http` | `write` | | `/api/client-registry/status` | `http` | `read` | | `/api/client-registry` | `http` | `read` | #### Managing users | Resource | Context | Operation | | ------------------------- | ------- | --------- | | `/api/listUsers` | `http` | `read` | | `/api/users/+` | `http` | `write` | | `/api/users/batch/delete` | `http` | `write` | | `/api/users/batch` | `http` | `write` | | `/api/users/usernames` | `http` | `read` | #### Managing volumes #### Managing your own password | Resource | Context | Operation | | ---------------------------- | ------- | --------- | | `/api/users/change-password` | `http` | `write` | #### Retrieving CW’s password policy | Resource | Context | Operation | | ---------------------- | ------- | --------- | | `/api/policy/password` | `http` | `read` | #### Retrieving CW’s username policy | Resource | Context | Operation | | ---------------------- | ------- | --------- | | `/api/policy/username` | `http` | `read` | #### Subscribing to MQTT Topics | Resource | Context | Operation | | -------- | ------- | --------- | | Any | `mqtt` | `read` | #### Use Multi-factor authentication | Resource | Context | Operation | | --------------------------------- | ------- | --------- | | `/api/mfa/disable` | `http` | `write` | | `/api/mfa/enable` | `http` | `write` | | `/api/mfa/isenrolled` | `http` | `read` | | `/api/mfa/regenerate/backupcodes` | `http` | `write` | | `/api/mfa/validate` | `http` | `write` | #### Using the workbench | Resource | Context | Operation | | -------------- | ------- | ----------- | | `/workbench/#` | `http` | `readWrite` | | `/workbench` | `http` | `readWrite` |