F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

Prakash_Krishna's avatar
Prakash_Krishna
Icon for Nimbostratus rankNimbostratus
11 years ago

Providing right credential to connect the F5 device using RestAPI is always throwing 401 error

Hi All,   Here I am using RestAPI to connect to the device. I am always getting the http 401 error even my credentials are right and able to reach the same url using webbrowser.   Can anybody h...
application delivery
cisco
cloud
iControlREST
LTM
management
brad_11480's avatar
brad_11480
Icon for Nimbostratus rankNimbostratus
8 years ago

any information on what version(s) this has been corrected in? I just upgraded to 12.1.1 and i have users who are not able to use the RestAPI. They get 401. What right does the user require? I would hope that it would reflect the same rights structure and not require them to be admin.

 

brad_11480's avatar
brad_11480
Icon for Nimbostratus rankNimbostratus
8 years ago

Really?? admin user only? There is no security model for the RestAPI? This renders the use of the RestAPI to be very limited in scope. It certainly can't be used for monitoring systems as the credentials would be required on those systems to call the RestAPI.

 

This means that anyone who needs to use it basically has the 'keys to the kingdom' and can use those credentials to do whatever they wish on the systems.

 

Note that generating a token is useless alternative since they expire in 8 hours.

 

Ref below comment about it being corrected in a subsequent 'hotfix' I'm on 12. no relief.