Creating and linking clients¶

Requirements¶

• Access to the technical client account with the Global administrator user role and disabled two‑factor authentication in the Wallarm Console

• Partner UUID

• User UUID and secret key

Procedure for creating and linking clients¶

Clients are created and linked to the partner account via the Wallarm API. Authenticated requests to Wallarm API can be sent from the own client or from the API Reference UI. The method of request authentication depends on the client sending the request:

• For requests sent from the API Reference UI, it is required to sign in to the Wallarm Console with the Global administrator user role and update the API Reference by the link:

  • https://apiconsole.eu1.wallarm.com/ for the EU Cloud
  • https://apiconsole.us1.wallarm.com/ for the US Cloud

• For requests sent from the own client, it is required to pass in the request the user UUID and secret key received from the Wallarm technical support

Step 1: Create the client via the Wallarm API¶

At this step, a partner client account will be created and linked to the partner account.

1. Send the POST request to the route /v1/objects/client/create with the following parameters:

   Parameter	Description	Request part	Required
   name	Client name.	Body	Yes
   vuln_prefix	Vulnerability prefix that Wallarm will use for vulnerability tracking and association with the client. The prefix must contain four capital letters or numbers and be related to a client name. For example: CLNT for the client Client.	Body	Yes
   partner_uuid	Partner UUID.	Body	Yes
   language	Language for the client account in the Wallarm Console interface: en or ru. By default, the language specififed when switching the account to the partner status is used.	Body	No
   X‑WallarmAPI‑UUID	User UUID.	Header	Yes, when sending a request from own client
   X‑WallarmAPI‑Secret	Secret key.	Header	Yes, when sending a request from own client

   Show an example of the request sent from own client

   EU Cloud

   curl -v -X POST "https://api.wallarm.com/v1/objects/client/create" -H "X-WallarmAPI-UUID: YOUR_UUID" -H "X-WallarmAPI-Secret: YOUR_SECRET_KEY" -H "accept: application/json" -H "Content-Type: application/json" -d "{ \"name\": \"Client\", \"vuln_prefix\": \"CLNT\", \"partner_uuid\": \"YOUR_PARTNER_UUID\"}"
   

   US Cloud

   curl -v -X POST "https://us1.api.wallarm.com/v1/objects/client/create" -H "X-WallarmAPI-UUID: YOUR_UUID" -H "X-WallarmAPI-Secret: YOUR_SECRET_KEY" -H "accept: application/json" -H "Content-Type: application/json" -d "{ \"name\": \"Client\", \"vuln_prefix\": \"CLNT\", \"partner_uuid\": \"YOUR_PARTNER_UUID\"}"
   

2. Copy the values of the id and partnerid parameters from the response to the request. The parameters will be used when linking a client to a partner account.

Step 2: Link the client to a partner account via the Wallarm API¶

At this step, ID will be set for a partner-client link. This ID will be used in NGINX configuration (wallarm_instance) for splitting several clients traffic.

1. Send the POST request to the route /v2/partner/<partnerid>/partner_client with the following parameters:

   Parameter	Description	Request part	Required
   partnerid	The partnerid value obtained after the client was created.	Path	Yes
   clientid	Client ID obtained after client creation (id).	Body	Yes
   id	ID for the partner-client link. Can be an arbitrary positive integer.	Body	Yes
   X‑WallarmAPI‑UUID	User UUID.	Header	Yes, when sending a request from own client
   X‑WallarmAPI‑Secret	Secret key.	Header	Yes, when sending a request from own client

   Show an example of the request sent from own client

   EU Cloud

   curl -v -X POST "https://api.wallarm.com/v2/partner/111/partner_client" -H "X-WallarmAPI-UUID: YOUR_UUID" -H "X-WallarmAPI-Secret: YOUR_SECRET_KEY" -H "accept: application/json" -H "Content-Type: application/json" -d "{ \"clientid\": 888, \"id\": \"13\"}"
   

   US Cloud

   curl -v -X POST "https://us1.api.wallarm.com/v2/partner/111/partner_client" -H "X-WallarmAPI-UUID: YOUR_UUID" -H "X-WallarmAPI-Secret: YOUR_SECRET_KEY" -H "accept: application/json" -H "Content-Type: application/json" -d "{ \"clientid\": 888, \"id\": \"14\"}"
   

2. Copy and save the id value you passed in the request. This ID will be used in NGINX configuration (wallarm_instance) for splitting several clients traffic.

Created clients will be visually presented in the Wallarm Console for the global partner users. For example, Client 1 and Client 2:

Providing clients with access to the Wallarm Console¶

You can provide your clients with access to their accounts in the Wallarm Console. Clients will be able to track blocked requests, analyze discovered vulnerabilities, and perform additional configuration of the WAF node via the Wallarm Console.

To provide a client with access to an account, go to the appropriate partner client account via the client selector → section Settings → Users and add users with the required roles. Only regular roles can be set for users of the partner client account. Reqular roles give access to only one partner client account.

Open the roles description →