Demystifying iControl REST Part 6: Token-Based Authentication

iControl REST. It’s iControl SOAP’s baby, brother, introduced back in TMOS version 11.4 as an early access feature but released fully in version 11.5. Several articles on basic usage have been writ...
Updated Jan 06, 2024
Version 2.0
devops
iControlREST
python
series-demystifying-icontrol-rest
jerebrad_302050's avatar
jerebrad_302050
Icon for Nimbostratus rankNimbostratus
Sep 07, 2018

Im new to REST API scripting so Im probably making a simple mistake here, but Im using Postman to generate a POST request to get a token. Im hitting .

 

I have authorization set to basic and in Body Im sending:

 

    {
        "username":"admin",
        "password":"password",
        "loginProvidername":"tmos"
    }

with the actual password for the admin account.

 

I keep getting:

 

    {
        "code": 401,
        "message": "Cannot use 'local' auth provider name when system  auth source type is not 'local'",
        "originalRequestBody": "{\"username\":\"admin\",\"generation\":0,\"lastUpdateMicros\":0}",
        "referer": "10.238.90.21",
        "restOperationId": 37917423,
        "kind": ":resterrorresponse"
    }

I've Googled myself cross-eyed and haven't come across anything helpful. We use RADIUS authentication for access to our F5s. Based on this error message I think that has something to do with this. It seems that it doesn't like me using a local account when the box is configured for RADIUS, but I can't figure out how to change the post to use RADIUS. I've tried using a known good RADIUS account and that fails with the same message. The local account works with basic authentication when doing a GET to something like /mgmt/tm/ltm, but not when I do a POST to the /mgmt/shared/authn/login.

 

I am testing this against version 13.1.0.8.