- CheckMates
- :
- Products
- :
- Developers
- :
- API / CLI Discussion
- :
- Re: API X TACACS
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Are you a member of CheckMates?
×- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
API X TACACS
Hi friends,
I'm facing a difficult problem regarding the API
Today we are using TACACS , and to escalate the necessary privileges, type a set command to go up to expert next.
I'm trying to integrate an application with rest api, but I'm getting error that the user doesn't have necessary privileges.
The configuration in the manager is with ALL IP ADDRESSES
but we are getting login error, and using curl to try to login we get error 401
When we use tacacs does the api need some kind of privilege?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Which API? Management (to define firewall objects and rules) or OS-level (to define things like routes and interfaces)?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
API Management only
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
For the management API, permissions are controlled exclusively through the user's permissions profile. Log in to SmartConsole, go to Manage & Settings > Permissions & Administrators. The user must be defined there, and must have a permissions profile.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
This has already been done, but I get an insufficient privileges error.
My question was about tacacs in relation to the API, if you need any different privileges to use the API. Since local admin has been disabled and everything goes through tacacs
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
For the management API, no. Like I said, those permissions are controlled exclusively through the user's permissions profile. Management supports central authentication, but not central identification or authorization. Permissions and group memberships are totally ignored. Only the permissions profile matters.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Do you know what reasons might have related to insufficient privileges error.