Use the Admin page

The Admin page manages Link users, groups, API keys, and request audit logs. The Admin page is visible only to users with admin read access.

Open the Admin page

  1. Sign in to Powercode Link with an administrator account.
  2. Select Admin in the page selector.

If you do not see Admin, your account does not have admin access.

Admin activity

The Admin activity section shows recent admin messages and one-time secrets.

When you create or regenerate an API key, Link shows the plaintext key only once. Copy it immediately and store it in a secure secret manager.

Manage groups

Groups assign gateway scopes to users.

To create a group:

  1. Open Create group.
  2. Enter a Name and optional Description.
  3. Select the required Group scopes.
  4. Select Create group.

To edit a group:

  1. Select Edit next to the group.
  2. Update the description or scopes.
  3. Select Save group.

Use the least access needed for the group’s purpose.

Manage users

To create a user:

  1. Open Create user.
  2. Enter Username and optional Display name.
  3. Enter a temporary password.
  4. Set the user Status.
  5. Leave Force password change on next sign-in enabled for new users.
  6. Select the user’s groups.
  7. Select Create user.

To edit a user:

  1. Select Edit next to the user.
  2. Update display name, status, password reset, password-change requirement, or groups.
  3. Select Save user.

Disable a user instead of deleting the account when access should be removed but audit history should remain understandable.

Manage API keys

API keys are for machine-to-machine access through the Link gateway.

To create an API key:

  1. Open Create API key.
  2. Choose the Owner user.
  3. Enter a clear Label.
  4. Optionally set Expires at.
  5. Select the required API-key scopes.
  6. Optionally add CIDR restrictions to limit which source networks can use the key.
  7. Set the Per-key rate limit, or explicitly disable rate limiting when approved.
  8. Select Create API key.
  9. Copy the one-time plaintext API key immediately.

To edit API-key policy:

  1. Select Edit next to the key.
  2. Update label, scopes, CIDRs, rate limit, or expiration.
  3. Select Save API key.

Editing an API key does not reveal the secret. If the secret is lost, select Regenerate and copy the new one-time value.

Available API-key actions:

  • Edit: change non-secret policy.
  • Regenerate: create a replacement secret and revoke the previous secret.
  • Revoke: stop an active key from working.
  • Unrevoke: re-enable a revoked key if it has not expired and policy still allows it.

Understand common scopes

Common Link gateway scopes include:

  • gateway:observability:read: view dashboards, logs, host/system data, and read-only diagnostics.
  • gateway:network:execute: run SNMP and ICMP probes.
  • gateway:config:write: perform configuration-changing actions, such as deleting leases or applying firewall changes.
  • gateway:admin:read: view the Admin console and admin resources.
  • gateway:identity:write: create and edit users and groups.
  • gateway:credentials:manage: create, rotate, revoke, and manage API keys.

Prefer fine-grained scopes and avoid granting privileged scopes unless needed.

View request audit logs

The Request audit logs section shows gateway API activity.

Useful filters:

  • Event type
  • Route family: health, auth, admin, link, snmp, icmp, or prometheus.
  • Result: success, failure, or denied.
  • Credential: session, API key, or user credentials.
  • Time range
  • Request id
  • Contains text search

Select a row’s details to see structured metadata for that request.

Use Load older when more results are available.

Edit audit log rotation settings

In Request audit logs, open Rotation settings to control file-backed audit retention:

  • Active file size (MiB)
  • Rotated files kept
  • Max age (days)
  • Gzip rotated files

Select Save rotation settings to apply changes to the running gateway.

Troubleshooting

  • If Admin is missing, ask another administrator to grant gateway:admin:read.
  • If user or group saves fail, confirm you have gateway:identity:write.
  • If API-key actions fail, confirm you have gateway:credentials:manage.
  • If an API key does not work, check status, expiration, scopes, CIDR restrictions, rate limits, and audit logs.
Updated on July 1, 2026

Was this article helpful?

Related Articles