API Access Controls for Devices
Devices in Flywheel are intended to be used for integrations where system-wide access control by a Site Admin is more appropriate than a user based API Key.
- Flywheel Connector
- Bulk Import by CLI or SDK
- Other automated system administration activities
Device access control is not governed by Group Roles or Project Roles. A Device can do everything a Site Admin can do, with the exceptions noted in this article.
Flywheel APIs Only Available to Devices
The Flywheel APIs available only to Devices (not users) are specialized interfaces for efficient bulk file upload, or use by Flywheel managed internal service-to-service components.
| API Route | API Method | SDK Function | Notes |
|---|---|---|---|
| /api/files | POST | NONE | |
| /api/jupyterlab_servers/ {jupyterlab_server_id}/users/{user_id}/system | GET | NONE | |
| /api/projects/{project_id}/upsert-hierarchy | POST | upsert_project_hierarchy() | |
| /api/projects/{project_id}/upsert-file | POST | NONE | |
| /api/upload/signed-url | POST | upload_signed_fs_file() | |
| /api/upload/signed-url/cleanup | POST | cleanup_signed_upload_url() | |
| /api/upload/complete-s3-multipart | POST | complete_s3_multipart_upload() | |
| /api/upload/complete-azure-multipart | POST | NONE | |
| /api/jobs/{job_id}/prepare-complete | POST | prepare_complete_job() | Flywheel Engine Use Only |
| /api/jobs/{job_id}/complete | POST | complete_job() | Flywheel Engine Use Only |
Flywheel APIs Not Available to Devices
The Flywheel APIs not available to Devices (only users) are those that require being governed by group/project access controls for compliance purposes, or those that are only applicable to a user session.
| API Route | API Method | SDK Function | Notes |
|---|---|---|---|
| /api/audit-trail/reports | POST | add_audit_trail_report() | |
| /api/audit-trail/reports | GET | list_audit_trail_reports() | |
| /api/audit-trail/reports/{report_id}/csv | GET | download_audit_trail_report() | |
| /api/audit-trail/reports/{report_id} | DELETE | delete_audit_trail_report | |
| /api/audit-trail/reports/{report_id} | PATCH | modify_audit_trail_report() | |
| /api/login/auth0 | GET | NONE | |
| /api/jupyterlab_servers/ {jupyterlab_server_id}/data | GET | get_jupyterlab_server() | |
| /api/jupyterlab_servers/ {jupyterlab_server_id}/data | POST | modify_jupyterlab_server() | |
| /api/jupyterlab_servers/ {jupyterlab_server_id}/data/ticket | GET | NONE | |
| /api/report/project | GET | get_project_report() | Available to Devices with Flywheel 19.3.0 |
| /api/report/site | GET | get_site_report() | Available to Devices with Flywheel 19.3.0 |
| /api/report/accesslog | GET | get_access_log_report() | Available to Devices with Flywheel 19.3.0 |
| /api/report/legacy-usage | GET | get_legacy_usage_report() | Available to Devices with Flywheel 19.3.0 |
| /api/report/usage | GET | get_usage_report() | Available to Devices with Flywheel 19.3.0 |
| /api/report/usage/availability | GET | get_usage_availability() | Available to Devices with Flywheel 19.3.0 |
| /api/report/daily-usage | GET | get_daily_usage_report() | Available to Devices with Flywheel 19.3.0 |
| /api/site/providers/{provider_id} | DELETE | delete_provider() | |
| /api/site/bookmark-list | PUT | modify_bookmark_list() | |
| /api/users/self/mfa-setups | POST | NONE | |
| /api/users/self/mfa-setups | GET | NONE | |
| /api/users/self/mfa-setups | DELETE | NONE | |
| /api/users/self/mfa-setups | PATCH | NONE | |
| /api/users/self/mfa-verifications | POST | NONE | |
| /api/users/self | GET | get_current_user() | |
| /api/users/self/avatar | GET | get_current_user_avatar() | |
| /api/users/self/key | POST | generate_user_key() | |
| /api/users/self/key/{api_key_id} | DELETE | delete_user_key() | |
| /api/users/self/info | GET | get_current_user_info() | |
| /api/users/self/info | POST | modify_current_user_info | |
| /api/users/self/jobs | GET | get_current_user_jobs() | |
| /api/users/self/preferences | PUT | NONE |