https://community.splunk.com/t5/Monitoring-Splunk/How-can-a-non-admin-user-have-REST-API-Access/m-p/583140#M8782 <P>1. How can a non admin user access Splunk REST APIs?<BR />2. After getting session key, search id and search status we are trying to get search results. But it is showing null.&nbsp;&nbsp;<BR /><SPAN>curl -u $user:$password -k&nbsp;</SPAN><A title="https://localhost:8089/servicesns/admin/search/search/jobs/sid/results/" href="https://localhost:8089/servicesNS/admin/search/search/jobs/sid/results/" target="_blank" rel="noopener noreferrer">https://localhost:8089/servicesNS/admin/search/search/jobs/sid/results/</A><SPAN>&nbsp;--get&nbsp;</SPAN></P> <P><SPAN>&nbsp;Any comments are much appreciated.&nbsp;</SPAN></P> <P><SPAN>Thank you</SPAN></P> Thu, 10 Feb 2022 14:44:31 GMT Mounika 2022-02-10T14:44:31Z https://community.splunk.com/t5/Monitoring-Splunk/How-can-a-non-admin-user-have-REST-API-Access/m-p/583140#M8782 <P>1. How can a non admin user access Splunk REST APIs?<BR />2. After getting session key, search id and search status we are trying to get search results. But it is showing null.&nbsp;&nbsp;<BR /><SPAN>curl -u $user:$password -k&nbsp;</SPAN><A title="https://localhost:8089/servicesns/admin/search/search/jobs/sid/results/" href="https://localhost:8089/servicesNS/admin/search/search/jobs/sid/results/" target="_blank" rel="noopener noreferrer">https://localhost:8089/servicesNS/admin/search/search/jobs/sid/results/</A><SPAN>&nbsp;--get&nbsp;</SPAN></P> <P><SPAN>&nbsp;Any comments are much appreciated.&nbsp;</SPAN></P> <P><SPAN>Thank you</SPAN></P> Thu, 10 Feb 2022 14:44:31 GMT https://community.splunk.com/t5/Monitoring-Splunk/How-can-a-non-admin-user-have-REST-API-Access/m-p/583140#M8782 Mounika 2022-02-10T14:44:31Z https://community.splunk.com/t5/Monitoring-Splunk/How-can-a-non-admin-user-have-REST-API-Access/m-p/584444#M8791 <P>You are trying to access the search result that has is generated by Admin.</P><P><SPAN>&nbsp;</SPAN><A title="https://localhost:8089/servicesns/admin/search/search/jobs/sid/results/" href="https://localhost:8089/servicesNS/admin/search/search/jobs/sid/results/" target="_blank" rel="noopener noreferrer nofollow">https://localhost:8089/servicesNS/admin/search/search/jobs/sid/results/</A></P><P>Here - admin is the user who owns the search job</P><P>&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; - The first "search" is the App name which has access (can be accessible if the job is global or reside within search app)</P><P>&nbsp;</P><P>So if the search job is owned by an admin user you cannot access it with other users.</P><P>If the job is accessible by other users then change the username in the URL with a hyphen(-) and give it a try.</P><P>&nbsp;</P><P>In general REST API is accessible to all users, it all comes to down to what objects that user has permission to.</P> Thu, 10 Feb 2022 06:34:02 GMT https://community.splunk.com/t5/Monitoring-Splunk/How-can-a-non-admin-user-have-REST-API-Access/m-p/584444#M8791 VatsalJagani 2022-02-10T06:34:02Z