SpamExperts provides a multi-level access structure:
Only 1 username/password is supported for each Admin account, Domain user, or Email user. All activity is logged on the platform, including the (active) username and the IP address for these.
For larger organizations, a more complex structure may be preferred for audit capabilities. As sharing a password is not recommended from a security perspective, a Single Sign-On (SSO) module is available via the API ("Authentication" section) to provide such access to integrate with your external control panel(s), billing system, or support system. For various third-party control panels an open source module is already available using this functionality. See Integrations for further information.
In case your platform is not listed in the Integrations page, the link can be easily generated from the command line or any programming language, to be displayed to your customer or staff member for access. By passing the optional “identifier” variable, an audit trail related to that identifier will be recorded. Hence with this method you can for example easily identify which support staff member executed a certain action.
Generate authtickets method
The API method to generate authtickets:
/api/authticket/create/username/<string>/][identifier/<string>/]
Such tickets can be used for webinterface access without the need to enter a username and the password. A new authticket can be used for several login attempts, however it expires after 15 minutes.
Arguments
| Parameter | Description | Value |
|---|---|---|
username
|
The username of the user to create the authticket for | <string>
|
identifier (optional) |
A custom identifier for the client username in the API logging | <string>
|
Generate authtickets using Curl
To get an authticket using Curl use the following command:
curl "https://adminusername:password@api.antispamcloud.com/api/authticket/create/username/subadminexample/identifier/staffmembername/"
Arguments
| Parameter | Description | Value |
|---|---|---|
adminusername
|
Your SpamExperts admin access credentials. This will allow Curl to generate an authticket for any related sub-admin, domain, or email user | <string>
|
password
|
The SpamExperts admin password related to the adminusername above | <string>
|
subadminexample
|
The username to grant access to | <string>
|
stafmembername
|
An optional identifier for the audit trail, for example matching the username of the specific staff member being granted access | <string>
|
The command will return a string (e.g. “736586bf5983138a6408bb145a3fbc9985091bf7”), which you can add to the end of the login URL to use as the SSO URL and display in your control panel to the authorized user. An example login would look like:
https://login.antispamcloud.com/?authticket=736586bf5983138a6408bb145a3fbc9985091bf7
Ensure that the Admin credentials in the script are secured, and not accessible externally. Additionally you need to ensure the authticket is only exposed to authorized users. A PHP example can be found here.
Disclaimer: This documentation may contain references to third party software or websites. N-able has no control over third party software or content and is not responsible for the availability, security, or operation, of any third-party software. If you decide to utilize a release involving third-party software, you do so entirely at your own risk and subject to the applicable third party’s terms and conditions of the use of such software. No information obtained by you from N-able or this documentation shall create any warranty for such software.