REST API Access

REST API Access lets the SMP administrator define the IP addresses, subnets, and domain names that can call SMP APIs for a specific service domain. When you enable this feature, unauthorized IP addresses are blocked and cannot call SMP APIs on the SMP Portal for that domain. This provides an additional way to restrict user permissions.

By default, all IPs are blocked from accessing REST APIs.

To define an allowed IP address:

  1. Go to Service Domain > Settings > REST API Access.

  2. Click Allow REST API access only from the following IP address, Subnets or Domain Names.

  3. Click New.

    The Management Access Control window opens.

  4. From Source Type, select IP Address, Network or Domain Name.

  5. Enter the IP address / domain name.

    Note - If the Source Type is Network, you must also enter the Subnet Mask.

  6. Click Finish.

  7. Click Save.

To delete an allowed IP address or subnet:

  1. Select one or more IP addresses/subnets.

  2. Click Delete.

  3. Click Save.

Use case:

A company wants only one specific administrator to have permissions to call SMP APIs. Therefore, they select Allow REST API access only from the following IP address, and add the IP address of the administrator’s laptop to the list of allowed IP addresses. If all the members of a group within the company share the same SMP user, the company can restrict API calls to specific hosts.