In my environment the user role already had the following rest-related capabilities:
rest_apps_view
rest_properties_get
rest_properties_set
It turned out that this was not enough to allow a user to authenticate, I created a new role and found that just by adding a single capability the user was able to authenticate and use the API:
rest_apps_management
... View more
I ran into this same problem with one of my infosec users wanting access to the RestAPI. I created a new role "restapi" and added his account. The only capability I added to the new role was rest_apps_management and this allowed him to log in to the API successfully.
... View more