API Gateway permissions

The following permissions allow access to API Gateway and related features. See the description of each permission to learn about the access level it provides.

Permission Description
Edit Access to Property Manager Allows users to create and configure properties in Property Manager.
WAF Admin, WAF Config Allow users to access API Definitions, view and edit endpoint and resource information, and manage API configuration versions. Allow KSD customers to modify API security features.
API Definitions Administrator Allows users to access and modify delivery features, such as API privacy, JWT validation, CORS, caching, GZIP compression, OAuth scopes, or custom error responses. When a role with this permission is assigned to a user’s ACG, that user can also register API configurations with hostnames from this ACG with no base path restrictions. For more details about this relation, see Access control group (ACG) model.
API Definitions Viewer Allows users to access and view the contents of API Definitions. When a role with this permission is assigned to a user’s ACG, that user can also view this ACG’s hostnames in the API hostnames menu on the API registration page. For more details about this relation, see Access control group (ACG) model.
API Definitions URL Path Editor Allows users to access the contents of API Definitions. When a role with this permission is assigned to a user’s ACG, that user can also register API configurations with hostnames from this ACG, providing the associated base path is non-blank and doesn’t start with a wildcard (*) or a path parameter.
API Definitions Read/Write Allows users to view and edit API configurations in API Definitions. When a role with this permission is assigned to a user’s ACG, that user can also register API configurations with hostnames from this ACG with no base path restrictions. For more details about this relation, see Access control group (ACG) model.
Botman Feature, Botman Config For Bot Manager customers, allow users to access and modify resource purpose settings.