Optimizing UI/UX with Usage Information: Acronis #CyberFit Developer Training Part III

Acronis
Acronis Cyber Protect Cloud
for Service Providers

This is the third part of the course focusing on Optimizing UI/UX with Usage Information. The first part can be found here Get Started, Authorization and Tenant Management: Acronis #CyberFit Developer Training Part I and the second here Management of Offering Items and Applications: Acronis #CyberFit Developer Training Part II.

The hands-on manuals, hands-on code, and presentations are for the full course.

Business Automation and account management training course is focused on the Acronis Cyber Platform Account Management API. It provides you the knowledge and hands-on experience you’ll need to successfully automate the provisioning of accounts, applications, offering items, quota management, user creation, and activation, as well as reports management and much more.

The training’s Hands-on Manuals

The training’s Hands-on Code

  1. Bash
  2. PowerShell
  3. Postman
  4. Python

The training's presentation in PDF

Account Management API

Users Management

Types of accounts

Administrators: have access to Management Portal and administrator role in all configured services might be limited scope by assigning a specific role

Users: have no access to Management Portal, access to services and role in services defined by an Administrator

Accounts are created within a tenant

Each Customer tenant must have at least 1 Administrator account for service configuration and software installation purposes

Administrators can create and manage tenants and accounts at or below their level in the tenant hierarchy

Administrators at Customer and higher levels can limit access to their tenant by toggling off the Support access to manage this tenant setting. In this case, the API access disables as well.

All operations with user accounts in the cloud platform are located under the /users endpoint. User accounts represent users registered on the platform.

User accounts created in Customer tenant have a personal tenant. Personal tenant represents a tenant bound to a specific user account and is used only to control user account quotas and to collect user account real usage

All users are created inactivated. To activate a user, you need either to send an activation e-mail or set a password. We recommend using the activation e-mail method for better security reasons.

Create, Update, Delete a User

The Acronis Cyber Cloud requires that user login should be unique through all datacenters. Thus before creating a user with a specific login it's needed to check this login availability:

GET /users/check_login?username={login}

To create a user, you only need login and e-mail and tenant_id for which the user is creating. All other fields are to fill your business requirements.

POST /users

{

"tenant_id": "{tenant_id}",

"login": "{login}",

"contact": {

"email": "{e-mail}”

}

To update a user only a current version is required and you can specify only changed values.

POST /users/{user_id}

{

“enabled": false,

“version": "{current_version}"

}

When deleting a user account, all data associated with this user account will be deleted. This operation is not reversible!

Users Activation

After the user account has been successfully created on the platform, it is necessary to perform one of the account activation steps.

There are 2 ways to activate a user account

  • Send an email with the account activation link using API. The user will have to open the activation link sent to his/her email address and set the password, in order to be able to log in
  • Set a password for the user account using API. The user will be able to log in to the service console using his/her password. This can be useful when implementing custom user account provisioning methods. However, you need to establish a secure communication channel to communicate passwords un-compromised.

Clients can send activation emails only to user accounts located in sub-tenants. This also means that the client cannot perform this operation within its parent tenant

To send activation e-mail use:

POST /users/{user_id}/send-activation-email

The platform enforces the following rules for user account passwords

Password may contain any Unicode and special characters

Password may be empty. The user will not be able to log in using login/password authorization, but it still will be possible to log in using an external login URL

It's possible to only change the passwords of user accounts in sub-tenants. This also means that the client cannot perform this operation within its parent tenant

To activate a user by setting a password:

POST /users/{user_id}/password

{

"password": "newUserPassword312"

}

Enable Roles and Assigning Services

The roles are used to manage user account access to the services available in the same tenant. All operations with the user account roles are located under the /users/{user_id}/access_policies endpoint.

Setting a role with a higher access level, like partner_admin, will override all other roles related to the service(s).

Update request overwrites the current user roles with request content.

User Roles of a Partner Tenant

partner_admin, the "ultimate" administrator (full access to all services available within a tenant, no need to assign other roles)

accounts_admin, the administrator of the Management Portal

accounts_ro_admin, the read-only administrator of Management Portal

protection_admin, the administrator of the Cyber Protection services

protection_ro_admin, the read-only administrator of the Cyber Protection service

readonly_admin, obsolete The non-granular read-only administrator role.

sync_share_admin, the administrator of Cyber Files

User Roles for a Customer Tenant

company_admin, the "ultimate" administrator (full access to all services available within a tenant, no need to assign other roles)

accounts_admin, the administrator of Management Portal

accounts_ro_admin, the read-only administrator of Management Portal

protection_admin, the administrator of the Cyber Protection services

protection_ro_admin, the read-only administrator of the Cyber Protection service

backup_user, the user of the Cyber Protection service

sync_share_admin, the administrator of the Cyber Files services

sync_share_user, a user of the Cyber Files services

notary_admin, the administrator of the Cyber Notary services

notary_user, a user of the Cyber Notary services

readonly_admin, obsolete the non-granular read-only administrator role.

Search for a User

To search for tenants or users:

GET /search

With the following query parameters
  • tenant – the root tenant for tenants hierarchy to search
  • text – text to search
  • limit – limit output (default 10).

The following property values are checked in user accounts:

  • Account login – login
  • First name – firstname in the contact object
  • Last name – lastname in the contact object
  • Email address (not displayed in search results) – email in the contact object.

Tenant Usage

Tenants and personal tenants provide metrics of service usage on the level of offering items.

The information about a service usage of the tenant, provided by the /tenants/usages endpoint. It is updated on average every 5-6 hours and intended for UX/UI usage purposes. For usage reports and billing automation, you need to use reports.

Summary

With the third part of Acronis #CyberFit Developer Training for Bussiness Automation, you now know how to manage users and retrieve usage information for UI/UX purposes.

The next part of Acronis #CyberFit Developer Training for Bussiness Automation will discuss usage reporting and working with locations and infrastructure information.

About Acronis

Acronis is a Swiss company, founded in Singapore. Celebrating two decades of innovation, Acronis has more than 1,800 employees in 45 locations. The Acronis Cyber Protect Cloud solution is available in 26 languages in over 150 countries and is used by 20,000 service providers to protect over 750,000 businesses.

More from Acronis