topic Re: Rest api for authorization in Knowledge Management

Rest api for authorization

dvg06 — Thu, 21 Jan 2021 04:20:38 GMT

Hi Splunkers,

Trying to disable certain capabilities from roles via rest api, but havent been successful yet. Please help.

What is the rest endpoint url that I should use to disable.

I tried something like https://127.0.0.1:8089/services/authorization/roles/power/capabilities/rtsearch/disable, but this is invalid end point. Splunk documentation has not been very helpful.

manjunathmeti — Thu, 21 Jan 2021 05:37:15 GMT

You can use /authorization/roles/<rolename> enpoint to get and update capabilities of a role. Refer this https://docs.splunk.com/Documentation/Splunk/8.1.1/RESTREF/RESTaccess#authorization.2Froles.2F.7Bname.7D.

curl -k -u admin:changeme https://localhost:8089/services/authorization/roles/power -d capabilities=search

dvg06 — Thu, 21 Jan 2021 23:18:30 GMT

I can update the capabilities using the above command.

But any idea how to delete this particular capability? what flag should I use instead of -d?

manjunathmeti — Fri, 22 Jan 2021 06:28:05 GMT

First, you can GET list of capabilities and remove the role from the list and POST it back.