Our features site is undergoing a refresh! Be sure to explore the revamped site and discover our latest product roadmap launching here on Monday, March 18th.
New Topic
cPanel & WHM Feature RequestsTopicServer Management
Properties
Category Server Management
Tags api, reseller, security

Reseller API privileges group

Richard Bairwell shared this idea 2 years ago
Not Planned

As a Systems Administrator, I would like to:

Have a group of privileges under the "Manage API Tokens" WHM menu heading with the heading "Resellers" (with this group only being available to "root") with:

  • *create-reseller"
  • "suspend-reseller"
  • "kill-reseller"

privileges (all similar to the existing create-acct/suspend-acct/kill-acct single account options) and a totally new

  • "access-resold-accounts" privilege : which if an API token has that option, then they can perform all other enabled actions (such as standard account management tasks) on resold accounts (i.e. accounts "owned" by resellers)

so that:

  • It is clear whether or not an API token has access to resold accounts or not
  • It is clear whether or not an API token has the ability to create/suspend resellers
  • and that the security "Principle of least privilege" rule is obeyed so that API tokens used by ordering systems and the like (which only need the ability to create/suspend/delete accounts) do NOT need "Everything/All/Full Root Access" privileges.

See also:

2 I like this idea 1  

Replies (1)

photo
1
cPanelDustin 2 years ago

Richard,

Thanks for the feature request. I'm going to mark this as not planned since it isn't on our current roadmap, but I know there's a lot of desire to improve this region of the product. When we have more information as to when this will be prioritized, we'll update this feature request.


Dustin Scherer (he/him) | Product Owner | @dustinscherer

Reply
Leave a Comment
 
Attach a file

cPanel, WebHost Manager and WHM are registered trademarks of cPanel, L.L.C. for providing its computer software that facilitates the management and configuration of Internet web servers.