A parent org, has two ways to manage their customers or child orgs using Umbrella APIs:
- By creating API keys on their behalf and then using those keys to make API requests (either in the UI or programmatically).
- By making direct API requests on behalf of those customers.
Example: Lets say we have a central office, (parent org), and geographically distributed branches (child orgs). The central office needs to create a global report that includes a breakdown of the security events all branch offices are experiencing. In this case, the central office would create an API key and make requests on behalf of each branch, combining their event information to create a global report.
How would you do this?
The admin for the central office org creates an API key and then requests an access token on behalf of each branch office by adding an X-Umbrella-OrgID header with the branch office’s ID as illustrated below: