Users (Retired Help Topic)

Intergraph Smart API Manager Help Retired Topics

English (United States)

This topic has moved.

To see the updated version, click here then choose your Smart API Manager version. For Smart API Manager versions 2020 (4.0) and earlier, choose help version 4.0.

How do I choose a help version?

When you click the link above, a current version of the this topic opens in the Preview window. The Version drop-down at the top of the window shows which version you're looking at. To see a different version, select it from the drop-down:

If you click the Read the topic in context button at the bottom of the Preview window, you will open the topic in the help for the selected version.

SHARED Tip Anytime you are looking at the help, you can switch to the help for a different version using the drop-down at the top of the help window.

Any user created with the Users feature becomes part of the local users store maintained by Smart API Manager.

A local user is useful for logging into Smart API Manager to perform administrative tasks. For example, the System Administrators group typically contains a local user, created when Smart API Manager is first configured. You likely logged into Smart API Manager for the first time with this user’s credentials (username and password).

While you can add a local user to a group to authorize access to a Smart API, it is preferable to use identities from an external identity provider whenever possible to avoid duplicating credentials for the same user.

You can also map an external identity to a local user, if that configuration is advantageous for your environment.

Role-based access for Smart API Manager users

You can control a user’s access to features in Smart API Manager by assigning the user (via a local user or external identity) to one of three pre-defined groups:

Group Name


System Administrators

Full read/write access to all features in Smart API Manager.

Project Administrators

Read/write access to all Smart Clients, read access for Smart APIs, Groups, and Users.


Read/write access to Smart Clients they have created, along with read access to Smart APIs.

If you review these groups, you will notice that each one is authorized to access Intergraph Smart API Manager: Management API. This Smart API drives Smart API Manager, itself a Smart Client registered as Intergraph Smart API Management Dashboard.

The User Access Level (role) claim controls the role-based access for Smart API Manager. The enumeration claim has the following three claim types and values:

Claim Type Name




Project Administrator




Thus, if you have a user in another group, and you want the user to be able to log into Smart API Manager, you could:

  1. Authorize the group to access the Smart API Manager: Management API.

  2. Set the required User Access Level claim to the appropriate value, for example, System Administrator, if you wish to give the user full control.

See Give a group access to a Smart API for details.