REST API access right

sysAdm
Altostratus

Hi all,

We're running F5 LTM (version 14.1.4.x) and sorry for any newbie question.

We're trying to perform some tasks through REST API to the LTM:

1. Check system status, e.g.

curl -ks -H "Content-Type: application/json" -u admin:admin "https://192.168.1.1/mgmt/tm" -d "{\"command\":\"show\", \"utilCmdArgs\":\"-c 'cm failover-status'\"}"

2. Perform failover, e.g.

curl -ks -H "Content-Type: application/json" -u admin:admin "https://192.168.1.1/mgmt/tm" -d "{\"command\":\"run\", \"utilCmdArgs\":\"-c 'sys failover standby'\"}"

We don't want to expose the admin password in any script, while an authentication token seems valid for only 10 hours at most and is not suitable for use in cronjobs. We created a user for this specific purpose with the user role Resource Administrator, who can perform the task through ssh or GUI.

However, both commands can run as that specific user (testuser1) in tmsh interactively, but fail when running through curl with error:

{"code":401,"message":"Authorization failed: user=https://localhost/mgmt/shared/authz/users/testuser1 resource=/mgmt/tm verb=POST uri:http://localhost:8100/mgmt/tm referrer:192.168.1.8 sender:192.168.1.8","referer":"192.168.1.8","restOperationId":2225072,"kind":":resterrorresponse"}

I'm afraid we've missed something or set things up based on a wrong concept...

Would anyone please help?  

Thanks and Rgds

/st wong

6 REPLIES

Paulius
MVP

@sysAdm Is this user a local user? Is your F5 configured for remote authentication for user login? Typically if you have an F5 using remote authentication the only local users that work are root and admin.

@Paulius Yes, the user is a local user. We didn't configure our F5 for remote authentication while we only played and learned using REST with the admin user only. Would you advise how to configure F5 to enable remote user authentication and thus to use the REST API?

Thanks a lot.

@sysAdm You do not need to enable remote authentication in order to use REST api. I was just making sure it wasn't enabled because if it was and you were using a local user, the local users are disabled when remote authentication is enabled. The exception to disabled local users with remote authentication is the root and admin user that come default on the F5.

@Paulius Got it and thanks. For the authorization issue we hit, since the user can issue the tmsh commands in an SSH session but failed in the REST API, I think the user has sufficient privilege from tmsh's perspective. Will it be due to some other authorization control for using the REST API? Thanks.

@sysAdm Based on the following article your user should have the ability to perform commands through REST api as long as they have the appropriate permissions for the command that they are attempting to execute. I would make sure that the role you associated to that user has appropriate permissions for the commands in question.

https://my.f5.com/manage/s/article/K84925527

@Paulius The role granted to the user has sufficient rights, and this was verified in the tmsh command line.

Seems the issue is the user doesn't have access to particular REST API endpoints like that mentioned here https://my.f5.com/manage/s/article/K43371345.

Thanks.
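
Added example, not part of any post in this thread: a small Python helper that pulls the refused account, verb and REST resource out of the 401 body quoted in the question, so denials collected from script output can be grouped by what was actually refused. The function names and the second sample body are constructed for illustration.

```python
import json
import re
from collections import Counter

# Error body copied verbatim from the question in this thread.
SAMPLE = r'''{"code":401,"message":"Authorization failed: user=https://localhost/mgmt/shared/authz/users/testuser1 resource=/mgmt/tm verb=POST uri:http://localhost:8100/mgmt/tm referrer:192.168.1.8 sender:192.168.1.8","referer":"192.168.1.8","restOperationId":2225072,"kind":":resterrorresponse"}'''

# Constructed non-authorization response, to show unrelated bodies are skipped.
OTHER = '{"code":404,"message":"not found (constructed sample)"}'

# The message mixes key=value and key:value tokens; key names are the ones
# visible in the error above.
FIELD_RE = re.compile(
    r"(?:^|\s)(user|resource|verb|uri|referrer|sender)[=:](\S+)"
)


def parse_authz_failure(body):
    """Return the fields of an 'Authorization failed' 401 body, else None."""
    try:
        doc = json.loads(body)
    except json.JSONDecodeError:
        return None
    if not isinstance(doc, dict):
        return None
    msg = str(doc.get("message", ""))
    if doc.get("code") != 401 or not msg.startswith("Authorization failed"):
        return None
    fields = dict(FIELD_RE.findall(msg))
    # 'user' is a reference URI; its last path segment is the account name.
    fields["account"] = fields.get("user", "").rsplit("/", 1)[-1]
    return fields


def summarize(bodies):
    """Count denials per (account, verb, resource)."""
    denials = Counter()
    for body in bodies:
        f = parse_authz_failure(body)
        if f:
            denials[(f["account"], f.get("verb"), f.get("resource"))] += 1
    return denials


if __name__ == "__main__":
    for (account, verb, resource), n in summarize([SAMPLE, OTHER, SAMPLE]).items():
        print(f"{account}: {verb} {resource} denied x{n}")
```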