API Access Management
Note
Enterprise Feature: Granular API access management is available exclusively for Enterprise workspaces.
Overview
API Access is the bridge between your workspace members and your APIs. It controls which users and groups can access specific APIs within your workspace, allowing you to:
- Grant API access to individual users or entire groups
- Manage who can see and interact with each API
- Maintain security by controlling access at the API level
- Simplify onboarding with group-based access
How API Access Works
The Connection System
API Access works in conjunction with Roles and Groups:
- Roles define what users can do (permissions)
- Groups organize users into teams
- API Access determines which APIs users can see and use
Caution
Important: Having a role with permissions does NOT automatically grant access to APIs. Users must be explicitly granted API access either individually or through group membership.
Access Methods
Users can access an API through two methods:
1. Direct Access (Individual)
- User is explicitly added to the API
- Maintains access regardless of group membership
- Useful for specific individual needs
2. Group Access
- User’s group has been granted access to the API
- User automatically gains or loses access when added to or removed from the group
- Preferred method for team-based access management
Example Scenario
Setup:
- User: Sarah
- Role: Developer (with permissions to read requests and manage endpoints)
- Group: Frontend Team
- API: Web Application API
Without API Access:
- Sarah has the Developer role
- Sarah is in the Frontend Team group
- Sarah cannot see the Web Application API
With API Access:
- Frontend Team group is granted access to Web Application API
- Sarah can now see the Web Application API
- Sarah can use her Developer role permissions on this API
Viewing API Access
Navigate to User Management > API Access to see all APIs and their access configurations.
API Access Table
The table displays:
| Column | Description |
|---|---|
| Name | API name and identifier |
| People | Number of individual users with direct access |
| Groups | Number of groups with access to this API |
Filtering
Use filters to find specific access configurations:
Filter by People:
- Shows APIs where specific users have access
- Useful for auditing individual user access
Filter by Groups:
- Shows APIs where specific groups have access
- Useful for reviewing team access patterns
Managing API Access
View API Access Details
Click View API Access from the menu (•••) to see detailed access information:
API Information:
- API name and URL
- Created date
Access Details:
- Number of people with direct access
- Number of groups with access
- Complete lists of both
Granting Access
Add Individual Users
- Open the API access detail view
- Navigate to the People section
- Click + Add next to “Search by name or email…”
- Select one or more users from the dropdown
- Click Add
Note
Multi-Select: You can add multiple users at once by selecting them all before clicking Add.
What Happens:
- Selected users immediately gain access to the API
- They can now see the API in their workspace
- They can use their role permissions on this API
- Access is maintained even if they leave any groups
Add Groups
- Open the API access detail view
- Navigate to the Groups section
- Click + Add next to “Search…”
- Select one or more groups from the dropdown
- Click Add
What Happens:
- All members of selected groups immediately gain access to the API
- New members added to these groups automatically get API access
- Members removed from these groups lose API access (unless they have direct access)
Tip
Best Practice: Use group-based access for teams. This makes it easier to onboard new team members and maintain consistent access across your organization.
Revoking Access
Remove Individual Users
Single User:
- Find the user in the People list
- Click the menu (•••) next to the user
- Select Revoke Access
- Confirm the action
Bulk Removal:
- Check the boxes next to users to remove
- Click Revoke Access from the bulk action menu
- Confirm the action
- All selected users will lose access
Remove Groups
Single Group:
- Find the group in the Groups list
- Click the menu (•••) next to the group
- Select Revoke Access
- Confirm the action
Bulk Removal:
- Check the boxes next to groups to remove
- Click Revoke Access from the bulk action menu
- Confirm the action
- All members of selected groups will lose access (unless they have direct access)
Caution
Impact Warning: Revoking group access affects all group members. Make sure you understand the impact before removing group access, especially for large groups.
Revoke All Access
Caution
Critical Action: This removes ALL access (both people and groups) to the API. This action cannot be undone.
To revoke all access:
- Open the API access detail view
- Click Revoke All Access
- Read the warning carefully
- Type REVOKE to confirm
- Click Revoke All Access
What Happens:
- All individual users lose access
- All groups lose access
- API becomes inaccessible to all workspace members
- You’ll need to re-grant access to restore it
Understanding Access Priority
When a user has both direct access and group access:
Direct Access + Group Access = Access Maintained
Example:
- Sarah has direct access to API A
- Sarah is in Frontend Team
- Frontend Team has access to API A
- Removing Sarah from Frontend Team: She still has access (direct access)
- Revoking Frontend Team access: Sarah still has access (direct access)
- Must revoke Sarah’s direct access to remove her access completely
Tip
Access Auditing: To completely remove a user’s access, check both direct access and group access. Remove both if necessary.
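The access rules described on this page, modelled as an added Python example for auditing (not the product's code or API). The `Workspace` class, its field names, and the sample data are hypothetical and constructed for illustration; the model lists every grant that gives a user access, so you can see what must be revoked to remove access completely.

```python
from dataclasses import dataclass, field


@dataclass
class Workspace:
    """Constructed in-memory model of the rules described on this page."""
    roles: dict = field(default_factory=dict)         # user -> set of permissions
    members: dict = field(default_factory=dict)       # group -> set of users
    direct: dict = field(default_factory=dict)        # api -> users with direct access
    group_grants: dict = field(default_factory=dict)  # api -> groups with access

    def access_paths(self, user, api):
        """Return every grant that currently gives `user` access to `api`."""
        paths = []
        if user in self.direct.get(api, set()):
            paths.append(("direct", user))
        for group in sorted(self.group_grants.get(api, set())):
            if user in self.members.get(group, set()):
                paths.append(("group", group))
        return paths

    def can(self, user, api, permission):
        """Role permissions apply only on APIs the user has access to."""
        has_access = bool(self.access_paths(user, api))
        return has_access and permission in self.roles.get(user, set())

    def audit(self, api):
        """Map each user with access to the grants that provide it."""
        users = set(self.direct.get(api, set()))
        for group in self.group_grants.get(api, set()):
            users |= self.members.get(group, set())
        return {u: self.access_paths(u, api) for u in sorted(users)}


def demo():
    """Walk through the Sarah scenario with constructed sample data."""
    api = "Web Application API"
    ws = Workspace(roles={"sarah": {"read_requests", "manage_endpoints"}},
                   members={"Frontend Team": {"sarah"}})
    results = [ws.can("sarah", api, "read_requests")]      # role but no API access
    ws.group_grants[api] = {"Frontend Team"}
    ws.direct[api] = {"sarah"}
    results.append(ws.access_paths("sarah", api))          # both paths present
    ws.group_grants[api].discard("Frontend Team")          # revoke group access
    results.append(ws.can("sarah", api, "read_requests"))  # direct grant remains
    ws.direct[api].discard("sarah")                        # revoke direct access
    results.append(ws.can("sarah", api, "read_requests"))  # no path left
    return results


if __name__ == "__main__":
    print(demo())
```
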