Start for Free
View Categories

Users and Groups

Silverline API supports two types of users, also called API consumers, as they may include both physical users and service accounts.

  • Internal API Consumers: These are user accounts or service accounts created and managed inside Silverline API application, either manually or through the User API.
  • External API Consumers: These are user accounts or service accounts with credentials stored outside Silverline API, like in a database table or a flat file (CSV or Excel). Silverline API manages their authentication independently, without relying on an external system. It also supports integration with Microsoft Active Directory.

    To authenticate, the user calls the Login API, which validates their credentials and returns a JWT token. This token is then included in the Authorization header for subsequent API calls.
    Alternatively, Basic Authentication can be used, where the username and password are sent with each request and verified by Silverline API.
    With JWT tokens or Basic Authentication, Silverline API securely manages authentication and access for external users.

It is mandatory to have at least one internal user with a Super Admin role. Other roles that can be assigned to internal users are Admin and API_User .

  • Super Admin
  • Admin
  • API User


Super Admin
Description: The highest-level user with full access and control over the system.
Permissions:
Can manage all users, including admins and regular users.
Has the ability to change any system settings and configurations.
Can view and modify all data and logs in the system.

Admin
Description: A user with high-level administrative control but limited compared to a Super Admin.
Permissions:
Can manage API users.
Cannot access data sources and audit logs.

API User
Description: A user with basic access to just the APIs it has been granted access to.
Permissions:
Has access to APIs granted by a super admin or admin, either through direct user access or group access.


Adding Internal Users Manually:

Navigate to: Users & Groups > Users

Click on New User



Adding Internal Users Programmatically:

To add internal users programmatically, you must first have at least one SuperAdmin account set up in the Silverline API application. (This account is typically created during the initial sign-up process.)

Step 1: Authenticate SuperAdmin Account

Make a POST request to the Login API to obtain a JWT token:

Endpoint:

POST https://silverlineapi.com/app/api/v1/login

Headers:

Content-Type: application/json

Request Body:

{

  “email”: “superadmin@example.com”,

  “password”: “SuperAdminPassword”

}

Upon successful authentication, you will receive a JWT token in the response.

Step 2: Add New User

Using the JWT token received, make another POST request to add a new user:

Endpoint:

POST https://silverlineapi.com/app/api/v1/users/save

Headers:

Content-Type: application/json

Authorization: Bearer <JWT_Token>

Request Body:

{
“email”: “Jdoe@example.com”,
“first_name”: “John”,
“last_name”: “Doe”,
“password”: “Password123”,
“user_id”: “myuser123”,
“user_name”: “jdoe”,
“access_type”: “api”,
“status”: “1”,
“groups”: [“Sample_Group1″,”Sample_Group2”]
}

Response

Upon successful user creation, the API returns:

{
“status”: “success”,
“user”: {
“first_name”: “John”,
“last_name”: “Doe”,
“email”: “Jdoe@example.com”,
“user_id”: “myuser123”,
“user_name”: “jdoe”,
“status”: “1”,
“access_type”: “api”
}
}

Field Descriptions
  • email (required): Unique identifier for each user.
  • access_type (required): Specifies the type of user. Possible values are api or admin.
  • status (required): User account status, where “1” is active and “0” is inactive.
  • groups (optional): Specifies group memberships for the user.

Users added this way are considered internal consumers of Silverline API services.


Groups

Create all the groups that will be used to control API access.

Internal Users: Can be manually or programmatically be assigned to groups, which are then used to restrict API access.

External Users: Must include group names in their authentication response. These will be validated against the permitted groups for API access. Assign groups as a JSON array to the variable x-silverline-groups to ensure the system correctly identifies the user’s group membership.

Ensure correct spelling of group names in external authentication responses to prevent access issues.

For all groups except for Active Directory groups, select the group type as Silverline API.

Use the highlighted icon in the below screenshot to add users to a group:

Restricting API access to only selected Users and Groups

API access can be restricted to specific users and groups to ensure controlled usage.

For internal API consumers, you can explicitly define a set of users and groups with access. This allows precise control over which individuals within the organization can interact with the API.

For external API consumers, access can be managed by specifying which groups are permitted to use the API. This ensures that only authorized external entities can connect.

Refer to the API access control documentation for a step-by-step guide on connecting API consumers and assigning them to groups.