How to restrict APIs at the Tenant level in Orchestrator

system · January 3, 2025, 4:32pm

How to restrict APIs at the Tenant level in Orchestrator?

Here are the steps to restrict APIs at the tenant level in Orchestrator:

Integrate a confidential external application without application scopes.
Then, import this confidential external application into different folders across Orchestrator, spanning various tenants.
Subsequently, assign roles (permissions) to these imported external applications based on specific scenarios.
When requesting a token, ensure to request only the OR.Default scope.
This approach ensures that assignments for the external application in Orchestrator are verified at both the tenant and folder levels.

Topic		Replies	Views
Restrict orchestrator API calls per user Orchestrator orchestrator , question	3	576	June 4, 2023
Folder level control for "OAuth for External Apps" in on-premise Orchestrator Orchestrator orchestrator , considering , feedback	2	893	May 30, 2023
How To Create Tenants Via API? Knowledge Base orchestrator	0	283	August 8, 2023
Assigning rights to specific tenants for an external Application Orchestrator orchestrator , question	1	286	January 17, 2024
Orchestrator API OAuth Permissions Orchestrator orchestrator , question	4	2127	September 3, 2021