API concepts

This section describes the conceptual objects you deal with when interacting with this API, and provides pointers to where you can learn more.

  • Group: Groups are organizational containers for the objects you use in Control Center. Groups can contain other groups, primary objects like properties, and secondary objects like edge hostnames or CP codes. Groups are organized as a nested tree structure that cascade permissions. You can move a nested group to another position within the tree structure, but that may affect users' access to objects it contains due to cascading permissions.

  • Property: A configuration file specifying how Akamai serves your web content. The Property Manager API (PAPI) allows you to manage property configurations and assign them to groups when you first create them.

  • Blocked Property: Administrators can block a user's access to any property, overriding any available role already assigned to a user to further restrict access.

  • Users: A user is a person with access to Control Center.

  • Profile: A profile refers to a user's information such as address and personal phone number. Users can edit their own profiles, but only administrators can edit profiles belonging to other users. Users can't disable their two-factor authentication (TFA) settings if the account they belong to has TFA enabled by default.

  • Administrators: Administrators are a subset of users with additional permissions. They can have different levels of access, like API provisioning, moving groups or properties, or creating new users or modify existing ones. Response data may be redacted based on your access rights if you're a lower-level administrator.

  • Common Resources: This refers to commonly accessible read-only information that may apply across all users on an account. It includes locale, security policies, and the set of available products. The API provides a different set of common resource operations for access by administrators and for other users.

  • Notification: Users configure email notifications for reminders to rotate passwords, or to learn about maintenance issues for each product.

  • Role: Roles are lists of permissions that are explicitly tied to both a user and a group. Users need roles to act on objects in a group. It's the combination of user, role, and group that grants a user access to the objects they need. Roles may restrict access for a limited set of a group's resources.

  • Grantable Role: These contain certain Akamai-defined atomic permissions that, when grouped together, give you access to applications and resources. The permissions included in a grantable role depend on what products are available on your contract. Use the Contract API for information on the products associated with your contract.