iControl REST API access issue for users with guest role thorugh TACACS

Question

Hello All,
I have enabled TACACS on F5 LTM running with version 11.6.0 and provided guest role for the users other than the Admin team. 
Post change for the users with guest role are unable to access LTM using iControl REST API &nbsp;
If anyone has experianced this issue, could you please share the steps to resolve the issue.&nbsp;
Regards,
Thiyagu&nbsp;

lee_sutcliffe · Answer

Try granting these users the role of Auditor, it will restrict the account so they can't make changes but should still be able to view objects using the API&nbsp;
This role grants users permission to view all configuration data on the system, including logs and archives. Users with this role cannot create, modify, or delete any data, nor can they view SSL keys or user passwords. Users with the Auditor role have access to all partitions on the system, and this partition access cannot be changed.&nbsp;
https://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/bigip-user-account-administration-11-6-0/3.html&nbsp;

Forum Discussion

iControl REST API access issue for users with guest role thorugh TACACS

Recent Discussions

AS3 Limitations

Unable to install firmware OS and drop at 10%

Statistics ›› Analytics : HTTP : Overview

How to Renew F5 Device Certificate

F5 ASM CEF Sending Logs in Specific TimeZone

Related Content

iControl REST Fine-Grained Role Based Access Control

Federated AWS Console Access Made Easy: F5 BIG-IP Access Policy Manager Access Guided Configurations

List of F5 iControl REST API Endpoints

Microsoft Powershell with iControl

Access Troubleshooting: BIG-IP APM OIDC integration

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS