SystemLink Forum

Showing results for 
Search instead for 
Did you mean: 

How to prevent other user from accessing HTTP API

Is there a way to prevent other user (e.g. collaborator) from accessing HTTP API?



We want to prevent them from i.e. listing users, listing policies or workspaces, etc.

0 Kudos
Message 1 of 3

Hi ThamS, 


While we don't limit access to that page, the privileges of the logged in user will prevent them from executing HTTP APIs they do not have granted access to. Said another way, SystemLink access control is not just on the front end web application. Privileges are evaluated within the backend services and access is limited there as well. This is part of our defense in depth strategy for SystemLink RBAC. 


Refer to for details. 

NI App Software R&D
0 Kudos
Message 2 of 3
We want to limit any normal users (e.g. as collaborators) for not able to get/know list of Users.

because currently if they logged in and run the API for Query Users (POST ​/users​/query Query the users)
they could list all of the Users.
How to prevent it?
0 Kudos
Message 3 of 3