Forum Discussion
CirrusF5 Big-IQ read-only API username creation.
Team,
I seem to be facing some challenge getting an API read-only account created. Can someone help with the correct steps or a link to get this account name created.
There was a comment to create a user with the Auditor role but that is not working. The additional admin account which I tried is also not working. However, the default admin account works.
We are using 17.x version.
Regards,
N!
2 Replies
f51Cumulonimbus
Hello Nikson_M
The Auditor role is intended for read-only access, but some API endpoints may still require higher privileges, or the role may not be sufficient for all API use cases. If you find that the Auditor role does not provide the access you need, you may need to review the specific permissions for built-in roles using the REST API : example, to see what the Auditor role can do, run the following on the BIG-IQ CLI:
- restcurl shared/authorization/roles | jq '.items[] | {displayName, roleTypeReference}'
Then use the roleTypeReference link to inspect the permissions for that role:
- restcurl shared/authorization/role-types/<UUID>
Reference:
K14132823: BIG-IQ how to view permissions for built-in user roles using the REST API
Nikson_MHi, this did not help as the mentioned commands are not working.
If this helps, I am looking at F5 LTM with version 17.x.
