{"id":1787,"date":"2026-07-01T17:47:41","date_gmt":"2026-07-01T17:47:41","guid":{"rendered":"https:\/\/kb.powercode.com\/?post_type=ht_kb&#038;p=1787"},"modified":"2026-07-01T18:02:05","modified_gmt":"2026-07-01T18:02:05","slug":"use-the-admin-page","status":"publish","type":"ht_kb","link":"https:\/\/kb.powercode.com\/?ht_kb=use-the-admin-page","title":{"rendered":"Use the Admin page"},"content":{"rendered":"\n<p>The <strong>Admin<\/strong> page manages Link users, groups, API keys, and request audit logs. The Admin page is visible only to users with admin read access.<\/p>\n\n\n\n<h2>Open the Admin page<\/h2>\n\n\n\n<ol>\n<li>Sign in to Powercode Link with an administrator account.<\/li>\n\n\n\n<li>Select <strong>Admin<\/strong> in the page selector.<\/li>\n<\/ol>\n\n\n\n<p>If you do not see <strong>Admin<\/strong>, your account does not have admin access.<\/p>\n\n\n\n<h2>Admin activity<\/h2>\n\n\n\n<p>The <strong>Admin activity<\/strong> section shows recent admin messages and one-time secrets.<\/p>\n\n\n\n<p>When you create or regenerate an API key, Link shows the plaintext key only once. Copy it immediately and store it in a secure secret manager.<\/p>\n\n\n\n<h2>Manage groups<\/h2>\n\n\n\n<p>Groups assign gateway scopes to users.<\/p>\n\n\n\n<p>To create a group:<\/p>\n\n\n\n<ol>\n<li>Open <strong>Create group<\/strong>.<\/li>\n\n\n\n<li>Enter a <strong>Name<\/strong> and optional <strong>Description<\/strong>.<\/li>\n\n\n\n<li>Select the required <strong>Group scopes<\/strong>.<\/li>\n\n\n\n<li>Select <strong>Create group<\/strong>.<\/li>\n<\/ol>\n\n\n\n<p>To edit a group:<\/p>\n\n\n\n<ol>\n<li>Select <strong>Edit<\/strong> next to the group.<\/li>\n\n\n\n<li>Update the description or scopes.<\/li>\n\n\n\n<li>Select <strong>Save group<\/strong>.<\/li>\n<\/ol>\n\n\n\n<p>Use the least access needed for the group&#8217;s purpose.<\/p>\n\n\n\n<h2>Manage users<\/h2>\n\n\n\n<p>To create a user:<\/p>\n\n\n\n<ol>\n<li>Open <strong>Create user<\/strong>.<\/li>\n\n\n\n<li>Enter <strong>Username<\/strong> and optional <strong>Display name<\/strong>.<\/li>\n\n\n\n<li>Enter a temporary password.<\/li>\n\n\n\n<li>Set the user <strong>Status<\/strong>.<\/li>\n\n\n\n<li>Leave <strong>Force password change on next sign-in<\/strong> enabled for new users.<\/li>\n\n\n\n<li>Select the user&#8217;s groups.<\/li>\n\n\n\n<li>Select <strong>Create user<\/strong>.<\/li>\n<\/ol>\n\n\n\n<p>To edit a user:<\/p>\n\n\n\n<ol>\n<li>Select <strong>Edit<\/strong> next to the user.<\/li>\n\n\n\n<li>Update display name, status, password reset, password-change requirement, or groups.<\/li>\n\n\n\n<li>Select <strong>Save user<\/strong>.<\/li>\n<\/ol>\n\n\n\n<p>Disable a user instead of deleting the account when access should be removed but audit history should remain understandable.<\/p>\n\n\n\n<h2>Manage API keys<\/h2>\n\n\n\n<p>API keys are for machine-to-machine access through the Link gateway.<\/p>\n\n\n\n<p>To create an API key:<\/p>\n\n\n\n<ol>\n<li>Open <strong>Create API key<\/strong>.<\/li>\n\n\n\n<li>Choose the <strong>Owner<\/strong> user.<\/li>\n\n\n\n<li>Enter a clear <strong>Label<\/strong>.<\/li>\n\n\n\n<li>Optionally set <strong>Expires at<\/strong>.<\/li>\n\n\n\n<li>Select the required <strong>API-key scopes<\/strong>.<\/li>\n\n\n\n<li>Optionally add <strong>CIDR restrictions<\/strong> to limit which source networks can use the key.<\/li>\n\n\n\n<li>Set the <strong>Per-key rate limit<\/strong>, or explicitly disable rate limiting when approved.<\/li>\n\n\n\n<li>Select <strong>Create API key<\/strong>.<\/li>\n\n\n\n<li>Copy the one-time plaintext API key immediately.<\/li>\n<\/ol>\n\n\n\n<p>To edit API-key policy:<\/p>\n\n\n\n<ol>\n<li>Select <strong>Edit<\/strong> next to the key.<\/li>\n\n\n\n<li>Update label, scopes, CIDRs, rate limit, or expiration.<\/li>\n\n\n\n<li>Select <strong>Save API key<\/strong>.<\/li>\n<\/ol>\n\n\n\n<p>Editing an API key does not reveal the secret. If the secret is lost, select <strong>Regenerate<\/strong> and copy the new one-time value.<\/p>\n\n\n\n<p>Available API-key actions:<\/p>\n\n\n\n<ul>\n<li><strong>Edit<\/strong>: change non-secret policy.<\/li>\n\n\n\n<li><strong>Regenerate<\/strong>: create a replacement secret and revoke the previous secret.<\/li>\n\n\n\n<li><strong>Revoke<\/strong>: stop an active key from working.<\/li>\n\n\n\n<li><strong>Unrevoke<\/strong>: re-enable a revoked key if it has not expired and policy still allows it.<\/li>\n<\/ul>\n\n\n\n<h2>Understand common scopes<\/h2>\n\n\n\n<p>Common Link gateway scopes include:<\/p>\n\n\n\n<ul>\n<li><code>gateway:observability:read<\/code>: view dashboards, logs, host\/system data, and read-only diagnostics.<\/li>\n\n\n\n<li><code>gateway:network:execute<\/code>: run SNMP and ICMP probes.<\/li>\n\n\n\n<li><code>gateway:config:write<\/code>: perform configuration-changing actions, such as deleting leases or applying firewall changes.<\/li>\n\n\n\n<li><code>gateway:admin:read<\/code>: view the Admin console and admin resources.<\/li>\n\n\n\n<li><code>gateway:identity:write<\/code>: create and edit users and groups.<\/li>\n\n\n\n<li><code>gateway:credentials:manage<\/code>: create, rotate, revoke, and manage API keys.<\/li>\n<\/ul>\n\n\n\n<p>Prefer fine-grained scopes and avoid granting privileged scopes unless needed.<\/p>\n\n\n\n<h2>View request audit logs<\/h2>\n\n\n\n<p>The <strong>Request audit logs<\/strong> section shows gateway API activity.<\/p>\n\n\n\n<p>Useful filters:<\/p>\n\n\n\n<ul>\n<li><strong>Event type<\/strong><\/li>\n\n\n\n<li><strong>Route family<\/strong>: health, auth, admin, link, snmp, icmp, or prometheus.<\/li>\n\n\n\n<li><strong>Result<\/strong>: success, failure, or denied.<\/li>\n\n\n\n<li><strong>Credential<\/strong>: session, API key, or user credentials.<\/li>\n\n\n\n<li><strong>Time range<\/strong><\/li>\n\n\n\n<li><strong>Request id<\/strong><\/li>\n\n\n\n<li><strong>Contains<\/strong> text search<\/li>\n<\/ul>\n\n\n\n<p>Select a row&#8217;s details to see structured metadata for that request.<\/p>\n\n\n\n<p>Use <strong>Load older<\/strong> when more results are available.<\/p>\n\n\n\n<h2>Edit audit log rotation settings<\/h2>\n\n\n\n<p>In <strong>Request audit logs<\/strong>, open <strong>Rotation settings<\/strong> to control file-backed audit retention:<\/p>\n\n\n\n<ul>\n<li><strong>Active file size (MiB)<\/strong><\/li>\n\n\n\n<li><strong>Rotated files kept<\/strong><\/li>\n\n\n\n<li><strong>Max age (days)<\/strong><\/li>\n\n\n\n<li><strong>Gzip rotated files<\/strong><\/li>\n<\/ul>\n\n\n\n<p>Select <strong>Save rotation settings<\/strong> to apply changes to the running gateway.<\/p>\n\n\n\n<h2>Troubleshooting<\/h2>\n\n\n\n<ul>\n<li>If Admin is missing, ask another administrator to grant <code>gateway:admin:read<\/code>.<\/li>\n\n\n\n<li>If user or group saves fail, confirm you have <code>gateway:identity:write<\/code>.<\/li>\n\n\n\n<li>If API-key actions fail, confirm you have <code>gateway:credentials:manage<\/code>.<\/li>\n\n\n\n<li>If an API key does not work, check status, expiration, scopes, CIDR restrictions, rate limits, and audit logs.<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>The Admin page manages Link users, groups, API keys, and request audit logs. The Admin page is visible only to users with admin read access. Open the Admin page If you do not see Admin, your account does not have admin access. Admin activity The Admin activity section shows recent&#8230;<\/p>\n","protected":false},"author":20,"comment_status":"open","ping_status":"closed","template":"","format":"standard","meta":[],"ht-kb-category":[134],"ht-kb-tag":[],"_links":{"self":[{"href":"https:\/\/kb.powercode.com\/index.php?rest_route=\/wp\/v2\/ht-kb\/1787"}],"collection":[{"href":"https:\/\/kb.powercode.com\/index.php?rest_route=\/wp\/v2\/ht-kb"}],"about":[{"href":"https:\/\/kb.powercode.com\/index.php?rest_route=\/wp\/v2\/types\/ht_kb"}],"author":[{"embeddable":true,"href":"https:\/\/kb.powercode.com\/index.php?rest_route=\/wp\/v2\/users\/20"}],"replies":[{"embeddable":true,"href":"https:\/\/kb.powercode.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1787"}],"version-history":[{"count":1,"href":"https:\/\/kb.powercode.com\/index.php?rest_route=\/wp\/v2\/ht-kb\/1787\/revisions"}],"predecessor-version":[{"id":1788,"href":"https:\/\/kb.powercode.com\/index.php?rest_route=\/wp\/v2\/ht-kb\/1787\/revisions\/1788"}],"wp:attachment":[{"href":"https:\/\/kb.powercode.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1787"}],"wp:term":[{"taxonomy":"ht_kb_category","embeddable":true,"href":"https:\/\/kb.powercode.com\/index.php?rest_route=%2Fwp%2Fv2%2Fht-kb-category&post=1787"},{"taxonomy":"ht_kb_tag","embeddable":true,"href":"https:\/\/kb.powercode.com\/index.php?rest_route=%2Fwp%2Fv2%2Fht-kb-tag&post=1787"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}