Security
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

How do I authorize a user to use the REST API?

jbechchar
New Member
‎11-16-2015 09:25 AM

Hi everybody,

I have a problem with a user.
I've just created a new user and it seems ok when I use it with Splunk.
However, I have no authorization when I try to use it with REST.

Is there a particular parameter to use the REST API with a certain user?

Thanks in advance

best regards,

0 Karma
Reply

aljohnson_splun
Splunk Employee
Splunk Employee
‎11-16-2015 09:49 AM

Yes, you'll need to add certain capabilities to that user or that users's role(s).

This can be done by going to Settings > Access Controls > Roles - then choosing a role and scrolling to about halfway down the page. Then chose which capabilities are enabled for that particular role.

The relevant conf is authorize.conf:

[capability::rest_apps_view]
        * Required to list various properties in the python remote apps handler.
        * See restmap.conf for more info

[capability::rest_properties_get]
        * Required to get information from the services/properties endpoint.

[capability::rest_properties_set]
        * Required to edit the services/properties endpoint.

Note that you may need to also look at restmap.conf depending on what you're trying to do. However, most likely, you just need to add the capabilities defined above.

Reply

jbechchar
New Member
‎11-17-2015 06:24 AM

Hi,

when i search index=_internal

It seems that I have no ldap authorization...
But it is not an ldap user...

And I have an another user with the same configuration and it works with api rest.

0 Karma
Reply

jbechchar
New Member
‎11-17-2015 01:07 AM

Hi aljohnson,

Thanks for your answer.

But, I have already theses capabalities for my role.

That's why I don't understand why I cannot do a curl request...

It is possible to request on the api with the Admin user...

Another idea ? 🙂

0 Karma
Reply
Get Updates on the Splunk Community!

Unleash Unified Security and Observability with Splunk Cloud Platform

     Now Available on Microsoft AzureOn Demand Now Step boldly into the AI revolution with enhanced security ...

Enterprise Security Content Update (ESCU) | New Releases

In March, the Splunk Threat Research Team had 2 releases of security content via the Enterprise Security ...

Join the Splunk Developer Program Hackathon: Splunk Build-a-thon!

The Splunk Developer Program is launching in beta, and we’re celebrating with an exciting hackathon! This is ...
Top