
REST API config read-only

Posted: Thu Nov 14, 2019 6:43 am
by sltn
Hi there, we would like to retrieve some info from the REST API, and for security reasons we configured an API user with read-only access. If we configure the user with Authorization Level "Admin" everything works fine. However, if we choose Authorization Level "User" we cannot access the CCM information.

A "User" can retrieve data from this API endpoint:
https://nagiosxi.company.local/nagiosxi ... apikey=xxx

But not from this endpoint:
https://nagiosxi.company.local/nagiosxi ... apikey=xxx
{
"error": "Authenticiation failed."
}

This is not what we expected, since we provided these settings:
Image

Is this something which can be changed?

Re: REST API config read-only

Posted: Thu Nov 14, 2019 7:06 am
by scottwilkerson
No, unfortunately this is not possible.

From the Config Reference section of the API documentation:
This API section is admin only.

Re: REST API config read-only

Posted: Thu Nov 14, 2019 7:30 am
by sltn
scottwilkerson wrote: No, unfortunately this is not possible.
Hi Scott, thank you for the reply. Is this something for the future perhaps?

Re: REST API config read-only

Posted: Thu Nov 14, 2019 7:35 am
by scottwilkerson
I can add a feature request, but there is no guarantee it will be included in future versions; that would ultimately be a decision for the Principal Software Architect.

Re: REST API config read-only

Posted: Thu Nov 14, 2019 8:41 am
by sltn
scottwilkerson wrote: I can add a feature request
That sounds good. A security improvement in the API should be a useful addition, so I can imagine the PSA will understand that.
Maybe we could ask for "API: GET-only for non-admin users with CCM read-only rights". This might be easier to achieve than a complete RBAC solution for API.

Re: REST API config read-only

Posted: Thu Nov 14, 2019 9:15 am
by scottwilkerson
I'll add that to the request