APIs and typical level of access?
I'm new to APIs, however we expect to start using them more as time goes on. Anyway, we've recently set up an account for AppDynamics in TACACS (and using the big ip's Remote Role Groups) to pull data from one of our F5s. My question is, typically, what level of user auth should be allowed for such an account? I assume, "well, that depends," however I'm wondering if anyone here has a suggestion based on experience. An alternative would be to ratchet it down just before they could no longer pull the data they needed.
for API calls, you'll need admin level access by default. You can set RBAC on a user, though. Here are two articles that should help: