Security
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Why does creating a user with multiple roles fail when calling the REST API endpoint from curl?

rpwawa
Explorer
‎05-16-2017 01:22 PM

I can successfully create users by calling the REST API authentication/users endpoint from curl, but when I try to create a user with multiple roles it fails.

For example, this command will successfully create a user:
curl -k -s -u admin:changeme https://splunk1:8089/services/authentication/users -d name=test1 -d password=test1 -d realname="Test User 1" -d email=test1@here.com -d roles="role1" -d defaultApp=search

However, when I try to specify multiple roles as shown below the command fails. I have tried using a blank, comma and a comma/blank as delimiters between the role names and none of them work.
curl -k -s -u admin:changeme https://splunk1:8089/services/authentication/users -d name=test1 -d password=test1 -d realname="Test User 1" -d email=test1@here.com -d roles="role1,role2" -d defaultApp=search

The REST API documentation for the authentication/users endpoint says that the roles parameter should contain "One or more existing roles to assign to this user."

What syntax should I use for specifying multiple roles when creating a user with the REST API?

Tags (4)
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

frobinson_splun
Splunk Employee
Splunk Employee
‎05-16-2017 02:09 PM

Hi @rpwawa,
I am not sure that "roles" accepts comma separated lists of roles. Can you try submitting roles separately for this user in your request, as in
-d roles="role1", -d roles="role2"

Let me know if this doesn't work and I can do some more research into what's going on...

Hope this helps!

View solution in original post

Reply
Solved! Jump to solution
Solution

frobinson_splun
Splunk Employee
Splunk Employee
‎05-16-2017 02:09 PM

Hi @rpwawa,
I am not sure that "roles" accepts comma separated lists of roles. Can you try submitting roles separately for this user in your request, as in
-d roles="role1", -d roles="role2"

Let me know if this doesn't work and I can do some more research into what's going on...

Hope this helps!

Reply
Solved! Jump to solution

rpwawa
Explorer
‎05-16-2017 02:44 PM

Yes, submitting the roles as separate items works - like this: -d roles="role1" -d roles="role2"

Thanks a lot !!!

Reply
Solved! Jump to solution

frobinson_splun
Splunk Employee
Splunk Employee
‎05-16-2017 05:37 PM

awesome! I'll update the docs to mention this. Will convert my comment to an answer as it solved your question. Please feel free to accept it! 🙂

0 Karma
Reply
Get Updates on the Splunk Community!

Building Reliable Asset and Identity Frameworks in Splunk ES

 Accurate asset and identity resolution is the backbone of security operations. Without it, alerts are ...

Cloud Monitoring Console - Unlocking Greater Visibility in SVC Usage Reporting

For Splunk Cloud customers, understanding and optimizing Splunk Virtual Compute (SVC) usage and resource ...

Automatic Discovery Part 3: Practical Use Cases

If you’ve enabled Automatic Discovery in your install of the Splunk Distribution of the OpenTelemetry ...