Create a machine identity access control

  • Release version: Zurich
  • Updated July 31, 2025
  • 1 minute to read

    • Enable administrators to define and enforce granular control for integration users by introducing User Access Profiles. This feature provides an additional layer of security and control, allowing admins to specify the exact resources (REST APIs and SOAP APIs) that an integration user can access, ensuring tighter governance and minimizing security risks.

    Before you begin

    Role required: admin

    Procedure

    1. Navigate to All > System Security > Machine Identity Access Controls.
    2. Select the New button.
    3. Fill in the fields of the form.
      Table 1. Machine Identity Access Control fields
      Field Description
      Name Name of the access control record.
      Application Application containing the record.
      Description Description of the record.
      Active Determines if the policy is active
      REST API Policy Select the target REST API policy.
      Note:
      Select the Lock and the Search icon to add a policy.
      SOAP API Policy Select the target SOAP API policy.
      Note:
      Select the Lock and the Search icon to add a policy.
      Tables Select the tables this policy applies to
      Applies to Child Table Check this to apply the policy to child tables of the Tables field
    4. Select the Insert a row below prompt and add users to apply the control to.
      You can add multiple users to the access control.
      Note:
      You can only select users with Web Service Access.
    5. Select Submit.

    Result

    The following is an example of a machine identity access control form that has been filled out:

    An example of a machine identity access control form filled out.

    A user with an machine identity access control cannot access any other APIs (REST or SOAP) and will only be able to access the resources explicitly stated in the access control, even if they have the required roles.