Multi-Admin Control Panel Access and Audit Trail

Spam Experts provides a multi-level access structure: Super Admin, Admin, Sub-Admin, Domain, and Email user levels. An unlimited number of Sub-Admins can be created, where each parent Admin has full access to the underlying Sub-Admins, Domains, and Email users.

Only 1 username/password is supported for each Admin account, Domain user, or Email user. All activity is logged on the platform, including the (active) username and the IP address for these.

For larger organizations, a more complex structure may be preferred for audit capabilities. As sharing a password is not recommended from a security perspective, a simple Single Sign-On (SSO) module is available via the API ("Authentication" section) to provide such access to integrate with your external control panel(s), billing system, or support system. For various third-party control panels an open source module is already available using this functionality. See Integrations for further information.

In case your platform is not listed in the Integrations page, the link can be easily generated from the command line or any programming language, to be displayed to your customer or staff member for access. By passing the optional “identifier” variable, an audit trail related to that identifier will be recorded. Hence with this method you can for example easily identify which support staff member executed a certain action.

Generate authtickets method

The simple API method to generate authtickets:

/api/authticket/create/username/<string>/][identifier/<string>/]

Such tickets can be used for webinterface access without the need to enter a username and the password. A new authticket can be used for several login attempts, however it expires after 15 minutes.

Arguments

Parameter Description Value
username The username of the user to create the authticket for <string>
identifier (optional) A custom identifier for the client username in the API logging <string>

Generate authtickets using Curl

To get an authticket using Curl use the following command:

curl "https://adminusername:password@api.antispamcloud.com/api/authticket/create/username/subadminexample/identifier/staffmembername/"

Arguments

Parameter Description Value
adminusername Your Spam Experts admin access credentials. This will allow Curl to generate an authticket for any related sub-admin, domain, or email user <string>
password The Spam Experts admin password related to the adminusername above <string>
subadminexample The username to grant access to <string>
stafmembername An optional identifier for the audit trail, for example matching the username of the specific staff member being granted access <string>

The command will return a string (e.g. “736586bf5983138a6408bb145a3fbc9985091bf7”), which you can add to the end of the login URL to use as the SSO URL and display in your control panel to the authorized user. An example login would look like:

https://login.antispamcloud.com/?authticket=736586bf5983138a6408bb145a3fbc9985091bf7

Ensure that the Admin credentials in the script are secured, and not accessible externally. Additionally you need to ensure the authticket is only exposed to authorized users. A PHP example can be found here.

Disclaimer: This documentation may contain references to third party software or websites. N-able has no control over third party software or content and is not responsible for the availability, security, or operation, of any third-party software. If you decide to utilize a release involving third-party software, you do so entirely at your own risk and subject to the applicable third party’s terms and conditions of the use of such software. No information obtained by you from N-able or this documentation shall create any warranty for such software.