The default API User (API-only) security level provides the same API access as the standard Full Access security level. It cannot be edited, but it can be copied. You can edit the copies to create up to 50 API-only custom security levels that provide access to modules, features, and data as needed, in the same way that regular Autotask security levels control access to features and data.
- API-only resources cannot log into the Autotask UI.
- They cannot be assigned to tickets or tasks; their names do not appear in any resource data selectors or resource menus.
- API-only resources can create entities (via the API) but they cannot own or be associated with them.
An API User can be a CreatorResourceID, but cannot be a ResourceID or OwnerResourceID (except in select cases where Autotask does not distinguish between a CreatorResourceID and a ResourceID; that is, the entity does not have an explicit CreatorResourceID but does have another ResourceID).
- You can exempt API-only users from the password expiration requirement.
When you make a copy of the API User (system) (API-only) security level, you can check the "Not required to change password" check box. Refer to Create or edit a custom security level.
API-only resources must be created and managed through the UI. You assign an API-only security level to a resource on the Security tab of the Manage Resource page in Autotask. Refer to Complete the Security tab.
NOTE Access to protected Asset UDFs, which may store sensitive data, is not granted by default. Access is granted separately by resource. Refer to Manage permission to view protected data.
NOTE Autotask Web Services API does not currently support single sign on (SSO). If you are using SSO with Autotask, the API will recognize your Autotask credentials used prior to SSO. The password will not expire.