Getting Data In

How do you disable the REST API endpoint services/server/info?

New Member

Here's the deal. When you do a curl for the endpoint services/server/info on a search head, it includes information like the license key and it doesn't require any auth. no token, no user:pass, nothing.

All other endpoints require auth, but not the info one. I would like to disable or at least mask certain fields, but I can't see any where in the docs where it is even mentioned other than a description of the endpoint.

0 Karma

Motivator
0 Karma

Engager

Hi,

I am experiencing the same issue, can you let me know where I need to put restriction in RestMapconf so that the server-info endpoint is not accessible

Explorer

[admin:server-info]
requireAuthentication = true

[admin:server-info-alias]
requireAuthentication = true

0 Karma