How do we create a user that only has read only privileges to OpenAPI?
Any version of CAPM with OpenAPI.
OpenAPI by it's very nature is read only. We do not support create/delete/update operation using open API. Any user that has access to CAPC has read only access using OpenAPI interface. This includes the admin user. OpenAPI does not support user roles, but it does support what a user can see. For example, if a user has permission to see certain objects in CAPC, that is all he will see in OpenAPI. Basically the user will see all children of the groups he has access to.