Admin controls
Admin controls
Lucid allows admins on Lucid Enterprise accounts to control which users can develop on Lucid’s APIs.
For Lucid’s REST and Extension APIs, admins can permit or restrict development by managing their users’ access to developer tools. With the instructions detailed below, admins can configure their account so:
- Any user on the account can develop on Lucid’s APIs.
- No users can develop.
- Only admin-designated users can develop.
Restricting Access
Only enterprise accounts are able to restrict access to developer tools, meaning all users on Team accounts
can develop on Lucid’s REST and Extension APIs
For Lucid’s SCIM API, admins permit or restrict use or development by managing access to their account’s SCIM bearer token. Please note that use of Lucid’s SCIM API is limited to Lucid Enterprise accounts.
Developer tools
Lucid provides two developer tools that allow Lucid users to create, test, and distribute apps built on Lucid’s REST and Extension APIs:
- The developer portal, which allows developers to create new apps and OAuth 2.0 credentials needed to hit Lucid’s REST APIs, and to distribute apps.
- The developer menu, which allows developers to test apps built on Lucid’s Extension API.
Users without these tools are unable to build or distribute code with these APIs.
Cross-Account collaboration on apps
Developers are able to invite users from other Lucid accounts to collaborate on their applications. This can be restricted by account admins through the admin panel. When restricted:
- App owners will not be able to invite users who aren't on their account to collaborate on an application. Invitations that have already been sent but not accepted will become void.
- Users on the account will not be able to accept invitations to collaborate on apps owned by other accounts.
- Collaboration on apps on the same account will not be affected.
Deactivating the toggle will not remove cross-account collaborators who have already accepted an invitation. It will only prevent new invitations from being created or accepted.
API Keys
Developers are able to create long-lived API keys that allow for authorization to the REST API. API Keys can be created with a predefined expiration or no expiration at all. Due to this, account admins can opt to prohibit the creation and use of API Keys through the admin panel.
Deactivating the toggle will disable the creation of new API Keys. Any existing keys cannot authenticate while the toggle is off. If the toggle is activated again, the existing keys will be able to authenticate again.
Managing the SCIM API
A SCIM bearer token is needed for an app to use Lucid’s SCIM API. This token can only be obtained in the admin panel, it is not available via the developer portal or developer menu. Only account admins can access the bearer token for an account.
Managing the REST and Extension APIs
Lucid admins can control which users are able to build on Lucid’s REST and Extension APIs by managing which users have access to developer tools. Note that users do not need developer tools to connect to or use apps published in the Lucid marketplace.
Admins can configure their account in any one of the following ways:
- Any user on the account can develop on Lucid’s APIs.
- No user can develop on Lucid’s APIs.
- Only admin-designated users can develop on Lucid’s APIs.
Admins can configure this by enabling or disabling developer self-select in the “User feature controls” section of the admin panel. When self-select is disabled, admins can assign individual users developer permissions in the “Users” section of the admin panel.
The default configuration allows all users to develop.
Non-Standard Accounts
For Lucid GovSuite, Lucidscale for Gov accounts, and Lucid for Education, the default configuration does not allow any users to develop. The ability to develop on Lucids APIs is currently unavailable on Lucid’s EU data center.
All users can develop
An admin can configure their account to allow any of their users to develop on Lucid’s REST and Extension APIs. Admins can do so by going to the “User feature controls” section of the admin panel, finding the “Developer controls”
section, enabling the toggle, and pressing “Save changes.”
Note that an admin must be an Account Owner or Team Admin to enable this toggle (see admin roles for more info).
When the “Developer controls” toggle is enabled, users will be able to unlock developer features via their user settings. Please note that admins will be unable to see which users have unlocked developer features.
No users can develop
If an admin desires that no users are able to build apps on Lucid’s REST and Extension APIs, they need to 1) disable the “Developer controls” toggle in the admin panel, and 2) unassign the developer role from any user previously assigned it.
Note that the “Enable developer tools” setting will still be visible to users when the “Developer controls” toggle is disabled, but users will not be able to enable the setting.
Admin-designated users can develop
Admins are able to assign specific users the ability to build apps on Lucid’s REST and Extension APIs by assigning a user the developer role. Assigning a user the developer role unlocks developer tools for that user, even if they haven’t enabled developer features in their user settings. The developer role can be assigned to a user in the “Users" section of the admin panel.
Assigning roles
Note that an admin must be an account owner or team admin to be capable of assigning the developer role (see admin roles for more info). Also note that for security purposes, Lucid does not allow admins to assign themselves roles. This means admins are unable to assign themselves the developer role.
Updated 4 months ago