Forum Discussion
CirrusLTM 13.x iControlREST with non admin accounts: 401 Authorization failed
Hi,
I found info about this problem on previous software releases, and being or not being able to use non admin accounts with iControl. However, I'm running LTM 13.0.0.3.
I've created a user account and it has the role "Manager" on a certain partition. This user can log in on the GUI, en do what he needs to do.
When I try to access iControl via REST the user/pass is accepted. (if not, you get a different error) Then I get a "code": 401, "message": "Authorization failed: ..." error.
The user is in Common, but if I make it in the partition he has rights to, it makes no difference.
If I create the user with full admin rights, i can use iControl REST.
I'm 100% sure this works on my other Big-IP, release 11.6.2.1. It also worked on 11.6.1.1.
Config is identical.
So.. is there any way somebody else has gotten this to work? A non admin user that can access iControlREST on 13.x?
Thanks in advance Vincent
Instead of using Basic Auth (sending an Based-64 encoded username/password in the HTTP Authorization header), please try Token-Based authentication.
-
Get an authentication token by sending (
) the username/password toPOST
./mgmt/shared/authn/login -
Use that token in the
header for any requests afterword.X-F5-Auth-Token
The token times out after 1200s (20 min).
Please refer to "About iControl and authentication for user accounts" section (p. 20) of the iControl® REST API User Guide Version 13.0.
-
