Hi All,
I'm having a problem to use the API. I created one user with the profile "rest services user" but when I'm trying to call the api I'm gettin the error "Error: This user is not authorized to use the web services. (The profile REST Services User is required to access the REST web services)"
If I change in the configuration 'secure_rest_services' => on false, then the API works correctly.
Did I miss something?
Many Thanks
Marco
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
In the old versions of iTop, any administrator user could use the REST API. From iTop 2.5 to newer version, users must explicitly have the "REST services User" profile to be able to use the API.
Check this page of the documentation for more information.
So long story short, yes it's normal, it was to enforce security of the application. :)
Guillaume
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
If you're getting that REST API error, it usually means you need to assign the proper permissions to the user profile. I had a similar issue while working on a Revo repairs project—updating the user roles fixed it quickly!
Last edit: LeoHenry 2024-10-13
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Hi All,
I'm having a problem to use the API. I created one user with the profile "rest services user" but when I'm trying to call the api I'm gettin the error "Error: This user is not authorized to use the web services. (The profile REST Services User is required to access the REST web services)"
If I change in the configuration 'secure_rest_services' => on false, then the API works correctly.
Did I miss something?
Many Thanks
Marco
Hello Marco,
In the old versions of iTop, any administrator user could use the REST API. From iTop 2.5 to newer version, users must explicitly have the "REST services User" profile to be able to use the API.
Check this page of the documentation for more information.
So long story short, yes it's normal, it was to enforce security of the application. :)
Guillaume
If you're getting that REST API error, it usually means you need to assign the proper permissions to the user profile. I had a similar issue while working on a Revo repairs project—updating the user roles fixed it quickly!
Last edit: LeoHenry 2024-10-13