Security
Highlighted

How do I authorize a user to use the REST API?

New Member

Hi everybody,

I have a problem with a user.
I've just created a new user and it seems ok when I use it with Splunk.
However, I have no authorization when I try to use it with REST.

Is there a particular parameter to use the REST API with a certain user?

Thanks in advance

best regards,

0 Karma
Highlighted

Re: How do I authorize a user to use the REST API?

Splunk Employee
Splunk Employee

Yes, you'll need to add certain capabilities to that user or that users's role(s).

This can be done by going to Settings > Access Controls > Roles - then choosing a role and scrolling to about halfway down the page. Then chose which capabilities are enabled for that particular role.


The relevant conf is authorize.conf:

[capability::rest_apps_view]
        * Required to list various properties in the python remote apps handler.
        * See restmap.conf for more info

[capability::rest_properties_get]
        * Required to get information from the services/properties endpoint.

[capability::rest_properties_set]
        * Required to edit the services/properties endpoint.

Note that you may need to also look at restmap.conf depending on what you're trying to do. However, most likely, you just need to add the capabilities defined above.

Highlighted

Re: How do I authorize a user to use the REST API?

New Member

Hi aljohnson,

Thanks for your answer.

But, I have already theses capabalities for my role.

That's why I don't understand why I cannot do a curl request...

It is possible to request on the api with the Admin user...

Another idea ? 🙂

0 Karma
Highlighted

Re: How do I authorize a user to use the REST API?

New Member

Hi,

when i search index=_internal

It seems that I have no ldap authorization...
But it is not an ldap user...

And I have an another user with the same configuration and it works with api rest.

0 Karma