topic Re: How do I authorize a user to use the REST API? in Security

How do I authorize a user to use the REST API?

jbechchar — Mon, 16 Nov 2015 17:25:37 GMT

Hi everybody,

I have a problem with a user.
I've just created a new user and it seems ok when I use it with Splunk.
However, I have no authorization when I try to use it with REST.

Is there a particular parameter to use the REST API with a certain user?

Thanks in advance

best regards,

Re: How do I authorize a user to use the REST API?

aljohnson_splun — Mon, 16 Nov 2015 17:49:34 GMT

Yes, you'll need to add certain capabilities to that user or that users's role(s).

This can be done by going to Settings > Access Controls > Roles - then choosing a role and scrolling to about halfway down the page. Then chose which capabilities are enabled for that particular role.

The relevant conf is authorize.conf:

[capability::rest_apps_view]
        * Required to list various properties in the python remote apps handler.
        * See restmap.conf for more info

[capability::rest_properties_get]
        * Required to get information from the services/properties endpoint.

[capability::rest_properties_set]
        * Required to edit the services/properties endpoint.

Note that you may need to also look at restmap.conf depending on what you're trying to do. However, most likely, you just need to add the capabilities defined above.

Re: How do I authorize a user to use the REST API?

jbechchar — Tue, 17 Nov 2015 09:07:49 GMT

Hi aljohnson,

Thanks for your answer.

But, I have already theses capabalities for my role.

That's why I don't understand why I cannot do a curl request...

It is possible to request on the api with the Admin user...

Another idea ? 🙂

Re: How do I authorize a user to use the REST API?

jbechchar — Tue, 17 Nov 2015 14:24:20 GMT

Hi,

when i search index=_internal

It seems that I have no ldap authorization...
But it is not an ldap user...

And I have an another user with the same configuration and it works with api rest.