Hi, My client would like to connect to ISPConfig using the SOAP (remote API) interface to manage tasks such as black/whitelists, email redirects, and vacation messages. The challenge I'm facing is that if I create a remote user for them, they receive superadmin-level access — which means they can view and potentially modify all domains on the server, posing a security risk. My question is: Is there any way to restrict a remote user’s access to specific domains only? Or would I need to develop a custom middleware layer between the client system and ISPConfig to enforce such restrictions? Thanks in advance for your help!
