icontrol - list remote roles from f5 device

Question

Hello&nbsp;I would like to create several remote role groups on few devices using script so i decided to take a look on icontrol rest api.&nbsp; I got authentication token and then tried to list "remote role groups" using:curl -sk https://ip_mgmt_f5/mgmt/tm/auth/remote-role&nbsp;-H "X-F5-Auth-Token: Generated_Token"In the output there's&nbsp; no created earlier "remote role groups" from GUI (System/Users/remote role groups"(version 14.1.4.4)Maybe icontrol api is not fully implemented regarding remote roles ?Best RegardsT.&nbsp;

jrahm · Answer

Great question! The interface you are looking for is: /mtmt/tm/auth/remote-role/role-info. Here's an example:
curl -X POST \
  'https://ltm3.test.local/mgmt/tm/auth/remote-role/role-info' \
  --header 'Accept: */*' \
  --header 'User-Agent: Thunder Client (https://www.thunderclient.io)' \
  --header 'Content-Type: application/json' \
  --header 'Authorization: Basic YWRtaW46YWRtaW4=' \
  -d '{"name": "ops", "attribute": "F5-LTM-User-Info-1=ops", "console": "%F5-LTM-User-Console", "lineOrder": 3, "role": "%F5-LTM-User-Role", "userPartition": "%F5-LTM-User-Partition"}'
And a get returns my other 2 roles in addition to this newly created one:
curl -X GET \
  'https://ltm3.test.local/mgmt/tm/auth/remote-role/role-info' \
  --header 'Accept: */*' \
  --header 'User-Agent: Thunder Client (https://www.thunderclient.io)' \
  --header 'Content-Type: application/json' \
  --header 'Authorization: Basic YWRtaW46YWRtaW4='
Response:
{
  "kind": "tm:auth:remote-role:role-info:role-infocollectionstate",
  "selfLink": "https://localhost/mgmt/tm/auth/remote-role/role-info?ver=15.1.2.1",
  "items": [
    {
      "kind": "tm:auth:remote-role:role-info:role-infostate",
      "name": "/Common/adm",
      "fullPath": "/Common/adm",
      "generation": 0,
      "selfLink": "https://localhost/mgmt/tm/auth/remote-role/role-info/~Common~adm?ver=15.1.2.1",
      "attribute": "F5-LTM-User-Info-1=adm",
      "console": "%F5-LTM-User-Console",
      "deny": "disabled",
      "lineOrder": 1,
      "role": "%F5-LTM-User-Role",
      "userPartition": "%F5-LTM-User-Partition",
      "userPartitionReference": {
        "link": "https://localhost/mgmt/tm/auth/partition/%25F5-LTM-User-Partition?ver=15.1.2.1"
      }
    },
    {
      "kind": "tm:auth:remote-role:role-info:role-infostate",
      "name": "/Common/appEd",
      "fullPath": "/Common/appEd",
      "generation": 0,
      "selfLink": "https://localhost/mgmt/tm/auth/remote-role/role-info/~Common~appEd?ver=15.1.2.1",
      "attribute": "F5-LTM-User-Info-1=appEd",
      "console": "%F5-LTM-User-Console",
      "deny": "disabled",
      "lineOrder": 2,
      "role": "%F5-LTM-User-Role",
      "userPartition": "%F5-LTM-User-Partition",
      "userPartitionReference": {
        "link": "https://localhost/mgmt/tm/auth/partition/%25F5-LTM-User-Partition?ver=15.1.2.1"
      }
    },
    {
      "kind": "tm:auth:remote-role:role-info:role-infostate",
      "name": "/Common/ops",
      "fullPath": "/Common/ops",
      "generation": 0,
      "selfLink": "https://localhost/mgmt/tm/auth/remote-role/role-info/~Common~ops?ver=15.1.2.1",
      "attribute": "F5-LTM-User-Info-1=ops",
      "console": "%F5-LTM-User-Console",
      "deny": "disabled",
      "lineOrder": 3,
      "role": "%F5-LTM-User-Role",
      "userPartition": "%F5-LTM-User-Partition",
      "userPartitionReference": {
        "link": "https://localhost/mgmt/tm/auth/partition/%25F5-LTM-User-Partition?ver=15.1.2.1"
      }
    }
  ]
}

Forum Discussion

icontrol - list remote roles from f5 device

1 Reply

Win Big in Vegas: The iRules Contest is back with $5k on the line at AppWorld 2026

Jürgen - February 2026 Featured Member

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

DNS topology not distributing as expected

Unable to Forward APM and AFM Logs to AWS CloudWatch Using Telemetry Streaming

which virtual server will be hit?

Questions on device trust

Restore configuration to GTM Sync Group device

Related Content

iControl REST Authentication Token Management

Microsoft Powershell with iControl

Integrate F5 Distributed Cloud remote logging with ELK

Automated backup F5 configuration to remote server

ImageTragick - ImageMagick Remote Code Execution Vulnerability

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS