I want to automate virtual server deployment on SoftLayer using API (REST API preferred). The idea is to create a new user in the portal with API access but I want to restrict its access to only some calls: Order Virtual Server or Get virtual servers detail.

But do not allow the user to access other services like: Bare metal ordering, determine next billing and all operations related to billing/invoice.

Is it possible to limit API access for a user for that use case ?

Thank you.

what you can do using the API is the same that you can do using the Softlayer's control portal, You can see all the permission that you can grant to the users by going to:

1. Account->Users on menu
2. Click over an created user and click on permissions

There is a permission to allow to your users see the billing items, this permission is called "View Account Summary" so you can disable the permission and your usaer will not be able to see the invoices. For servers there is a permission called "Add server", but this permission is for Bare metal servers, Virtual guests and for the rest of oders if you disable this permission your user will not able to order neither Bare metal servers nor Virtual guest.

Now using the API you just need to use the method:

http://sldn.softlayer.com/reference/services/SoftLayer_User_Customer/addPortalPermission

e.g. using REST:

POST https://$USER:$apikey@api.softlayer.com/rest/v3/SoftLayer_User_Customer/$USERIDOFUSERTOEDITPERMISSION/addPortalPermission

payload:
{ "parameters": [
{
    'keyName': 'TICKET_ADD'
}
]}

You can use this method to get the list of all permissions in softlayer:

https://sldn.softlayer.com/reference/services/SoftLayer_User_Customer_CustomerPermission_Permission/getAllObjects

Regards