Forum Discussion
any information on what version(s) this has been corrected in? I just upgraded to 12.1.1 and i have users who are not able to use the RestAPI. They get 401. What right does the user require? I would hope that it would reflect the same rights structure and not require them to be admin.
- nyif5_225400Aug 02, 2017Nimbostratus
Hi I am having the same 401 auth error. Did any one get the resolution. Or we just need to use the admin user for RestAPI ?
- Jad_Tabbara__J1Aug 02, 2017Cirrostratus
You need to use admin user for RestApi
- brad_11480Aug 02, 2017Nimbostratus
Really?? admin user only? There is no security model for the RestAPI? This renders the use of the RestAPI to be very limited in scope. It certainly can't be used for monitoring systems as the credentials would be required on those systems to call the RestAPI.
This means that anyone who needs to use it basically has the 'keys to the kingdom' and can use those credentials to do whatever they wish on the systems.
Note that generating a token is useless alternative since they expire in 8 hours.
Ref below comment about it being corrected in a subsequent 'hotfix' I'm on 12. no relief.
- Brad_ParkerAug 02, 2017Cirrus
Take a look at this article, https://devcentral.f5.com/articles/rbac-with-icontrolrest-on-big-ip-24491