6 Replies Latest reply on Oct 18, 2017 1:18 PM by Brian Soefje

    Minimum Permissions to issue scan via REST API

    Brian Soefje
      Share This:

      I have gone through the doc on managing groups and reviewed the permissions but I am still confused on how to accomplish least privilege.

      I am attempting to create a new group for the purpose of issuing remote scans via the REST API of newly provisioned systems or systems with recent changes applied.

      The group will of course need the ability to kick off a scan with IP / IP ranges.

      Query results of that scan to see if scan was successful and if not external logic may attempt to re-run the scan.

      Simply adding this new group to a built-in group like discovery seemed overkill with access to start / stop discovery, add / remove credentials, etc...

      The builtin groups and listed permissions seem to flow with the UI but with API use - I am not so sure what is the minimal requirements now.