Knowledge Management
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Rest api for authorization

dvg06
Path Finder
‎01-20-2021 08:20 PM

Hi Splunkers, 

Trying to disable certain capabilities from roles via rest api, but havent been successful yet. Please help.

What is the rest endpoint url that I should use to disable.

I tried something like https://127.0.0.1:8089/services/authorization/roles/power/capabilities/rtsearch/disable, but this is invalid end point. Splunk documentation has not been very helpful. 

Reply

dvg06
Path Finder
‎01-21-2021 03:18 PM

thanks @manjunathmeti 

I can update the capabilities using the above command.

But any idea how to delete this particular capability? what flag should I use instead of -d?

0 Karma
Reply

manjunathmeti
Champion
‎01-21-2021 10:28 PM

First, you can GET list of capabilities and remove the role from the list and POST it back.

0 Karma
Reply

manjunathmeti
Champion
‎01-20-2021 09:37 PM

You can use /authorization/roles/<rolename> enpoint to get and update capabilities of a role. Refer this https://docs.splunk.com/Documentation/Splunk/8.1.1/RESTREF/RESTaccess#authorization.2Froles.2F.7Bnam....

curl -k -u admin:changeme https://localhost:8089/services/authorization/roles/power -d capabilities=search 

 

0 Karma
Reply
Get Updates on the Splunk Community!

[Puzzles] Solve, Learn, Repeat: Character substitutions with Regular Expressions

This challenge was first posted on Slack #puzzles channelFor BORE at .conf23, we had a puzzle question which ...

Shape the Future of Splunk: Join the Product Research Lab!

Join the Splunk Product Research Lab and connect with us in the Slack channel #product-research-lab to get ...

Auto-Injector for Everything Else: Making OpenTelemetry Truly Universal

You might have seen Splunk’s recent announcement about donating the OpenTelemetry Injector to the ...