Allowing collaborators to view gateway traffic on v3 console

Hi, I have configured a gateway on v3, seems to work fine for me, traffic coming in, etc.

However, when I add a “collaborator” on the console for the gateway, this person cannot view the gateway traffic, unless the option “Retrieve secrets associated with a gateway” is also ticked in the collaborator properties. The person can see that the gateway exists, but runs into an error message when the gateway is selected.

A working combination is as follows, the particular right that was needed is marked in purple:
image
Perhaps people running into the same problem can find this thread and figure out that particular right is also needed. I don’t know exactly what secrets this refers to exactly.

Apart from that, I find the following a bit strange:

  1. There is apparently a ‘delete gateway’ right (marked in red). I’ve seen enough threads on this forum from people running into non-recoverable trouble after deleting their gateway. Just seems to be a very bad idea to have that right available to collaborators at all.
  2. “view” and “edit” are not separable rights for gateway collaborator and gateway API keys

As my eye-balls hurt from setting up API permissions, I have work-in-progress document to:

  • Have the permissions list grouped more sensibly
  • Figure out the granularity - what’s missing & what’s not needed
  • How not to have someone (or even yourself) shoot yourself in the foot by changing permissions or giving someone something they don’t need

I’ll post my observations when it’s better formed - probably be a couple of days.

1 Like