icontrol - list remote roles from f5 device

Admin

Feb 23, 2022

Great question! The interface you are looking for is: /mtmt/tm/auth/remote-role/role-info. Here's an example:

curl -X POST \
  'https://ltm3.test.local/mgmt/tm/auth/remote-role/role-info' \
  --header 'Accept: */*' \
  --header 'User-Agent: Thunder Client (https://www.thunderclient.io)' \
  --header 'Content-Type: application/json' \
  --header 'Authorization: Basic YWRtaW46YWRtaW4=' \
  -d '{"name": "ops", "attribute": "F5-LTM-User-Info-1=ops", "console": "%F5-LTM-User-Console", "lineOrder": 3, "role": "%F5-LTM-User-Role", "userPartition": "%F5-LTM-User-Partition"}'

And a get returns my other 2 roles in addition to this newly created one:

curl -X GET \
  'https://ltm3.test.local/mgmt/tm/auth/remote-role/role-info' \
  --header 'Accept: */*' \
  --header 'User-Agent: Thunder Client (https://www.thunderclient.io)' \
  --header 'Content-Type: application/json' \
  --header 'Authorization: Basic YWRtaW46YWRtaW4='

Response:

{
  "kind": "tm:auth:remote-role:role-info:role-infocollectionstate",
  "selfLink": "https://localhost/mgmt/tm/auth/remote-role/role-info?ver=15.1.2.1",
  "items": [
    {
      "kind": "tm:auth:remote-role:role-info:role-infostate",
      "name": "/Common/adm",
      "fullPath": "/Common/adm",
      "generation": 0,
      "selfLink": "https://localhost/mgmt/tm/auth/remote-role/role-info/~Common~adm?ver=15.1.2.1",
      "attribute": "F5-LTM-User-Info-1=adm",
      "console": "%F5-LTM-User-Console",
      "deny": "disabled",
      "lineOrder": 1,
      "role": "%F5-LTM-User-Role",
      "userPartition": "%F5-LTM-User-Partition",
      "userPartitionReference": {
        "link": "https://localhost/mgmt/tm/auth/partition/%25F5-LTM-User-Partition?ver=15.1.2.1"
      }
    },
    {
      "kind": "tm:auth:remote-role:role-info:role-infostate",
      "name": "/Common/appEd",
      "fullPath": "/Common/appEd",
      "generation": 0,
      "selfLink": "https://localhost/mgmt/tm/auth/remote-role/role-info/~Common~appEd?ver=15.1.2.1",
      "attribute": "F5-LTM-User-Info-1=appEd",
      "console": "%F5-LTM-User-Console",
      "deny": "disabled",
      "lineOrder": 2,
      "role": "%F5-LTM-User-Role",
      "userPartition": "%F5-LTM-User-Partition",
      "userPartitionReference": {
        "link": "https://localhost/mgmt/tm/auth/partition/%25F5-LTM-User-Partition?ver=15.1.2.1"
      }
    },
    {
      "kind": "tm:auth:remote-role:role-info:role-infostate",
      "name": "/Common/ops",
      "fullPath": "/Common/ops",
      "generation": 0,
      "selfLink": "https://localhost/mgmt/tm/auth/remote-role/role-info/~Common~ops?ver=15.1.2.1",
      "attribute": "F5-LTM-User-Info-1=ops",
      "console": "%F5-LTM-User-Console",
      "deny": "disabled",
      "lineOrder": 3,
      "role": "%F5-LTM-User-Role",
      "userPartition": "%F5-LTM-User-Partition",
      "userPartitionReference": {
        "link": "https://localhost/mgmt/tm/auth/partition/%25F5-LTM-User-Partition?ver=15.1.2.1"
      }
    }
  ]
}

Forum Discussion

icontrol - list remote roles from f5 device

Recent Discussions

F5 looses the token for the first call

iRule - Url rewrite and header replace and pool selection not working

Switch ssl profile based on weak cipher detection via IRULE

full-proxy HTTP2

Decode ObjectSID from Base64-encode string

Related Content

Security for IoT Devices and Why It’s Important

VLAN Failsafe failover settings change on STANDBY device - affect ACTIVE device?

asmevents tool to retrieve events from an ASM device

Unable to update device cert

SPECIAL DevCentral Connects - on Basic iControl Security

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS