Account Management Settings
Only Full Administrators can use the Account Management tab to set up the read-only user.
The read-only users can view:
Existing servers, buckets, and views.
Cluster overview, settings, and statistics.
Design documents and view definitions but cannot query views.
Bucket summaries including Cache Size and Storage Size, but cannot view documents.
List of XDCR replications and remote clusters.
Logged events under the Log tab but the user cannot Generate Diagnostic Report.
The read-only users cannot:
Make any changes to the system, nor can they access N1QL.
Create buckets, edit buckets, add nodes to clusters, change XDCR settings, create views or see any stored data.
Any REST API calls which require an administrator fail and return an error for this user.
If a read-only user performs a REST POST or DELETE request that changes cluster, bucket, XDCR, or node settings, the server sends an HTTP 401 error:
HTTP/1.1 401 Unauthorized WWW-Authenticate: Basic realm="Couchbase Server Admin / REST" ....
|The read-only user cannot set up a Couchbase SDK to connect to the server. All SDKs require that a client connects with bucket-level credentials.|