Security

Why does creating a user with multiple roles fail when calling the REST API endpoint from curl?

rpwawa
Explorer

I can successfully create users by calling the REST API authentication/users endpoint from curl, but when I try to create a user with multiple roles it fails.

For example, this command will successfully create a user:
curl -k -s -u admin:changeme https://splunk1:8089/services/authentication/users -d name=test1 -d password=test1 -d realname="Test User 1" -d email=test1@here.com -d roles="role1" -d defaultApp=search

However, when I try to specify multiple roles as shown below the command fails. I have tried using a blank, comma and a comma/blank as delimiters between the role names and none of them work.
curl -k -s -u admin:changeme https://splunk1:8089/services/authentication/users -d name=test1 -d password=test1 -d realname="Test User 1" -d email=test1@here.com -d roles="role1,role2" -d defaultApp=search

The REST API documentation for the authentication/users endpoint says that the roles parameter should contain "One or more existing roles to assign to this user."

What syntax should I use for specifying multiple roles when creating a user with the REST API?

Tags (4)
0 Karma
1 Solution

frobinson_splun
Splunk Employee
Splunk Employee

Hi @rpwawa,
I am not sure that "roles" accepts comma separated lists of roles. Can you try submitting roles separately for this user in your request, as in
-d roles="role1", -d roles="role2"

Let me know if this doesn't work and I can do some more research into what's going on...

Hope this helps!

View solution in original post

frobinson_splun
Splunk Employee
Splunk Employee

Hi @rpwawa,
I am not sure that "roles" accepts comma separated lists of roles. Can you try submitting roles separately for this user in your request, as in
-d roles="role1", -d roles="role2"

Let me know if this doesn't work and I can do some more research into what's going on...

Hope this helps!

rpwawa
Explorer

Yes, submitting the roles as separate items works - like this: -d roles="role1" -d roles="role2"

Thanks a lot !!!

frobinson_splun
Splunk Employee
Splunk Employee

awesome! I'll update the docs to mention this. Will convert my comment to an answer as it solved your question. Please feel free to accept it! 🙂

0 Karma
Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) | New Releases

In September, the Splunk Threat Research Team had two releases of new security content via the Enterprise ...

New in Observability - Improvements to Custom Metrics SLOs, Log Observer Connect & ...

The latest enhancements to the Splunk observability portfolio deliver improved SLO management accuracy, better ...

Improve Data Pipelines Using Splunk Data Management

  Register Now   This Tech Talk will explore the pipeline management offerings Edge Processor and Ingest ...