Hello,
I just wrote my first script to determine active routing table entries automatically by using the API. For this purpose I create a user, granted the permission for "Diagnostics: Routing Tables" and added an API key. When using curl to get https://<IP>/api/diagnostics/interface/getroutes, I get "Authentication failed". Adding permission "All pages" to the user leads me to the correct result.
What permission do I have to enable to only allow the user reading the routing tables?
Thank you in advance,
Andreas
Did you set api key and secret before in your curl?
Yes, of course.
Have you tried to put the user in admin group?
No, because that is not, what I want. The user shall have the permission to display routing table, and ONLY this permission. I don't want to have an additional admin user. For this I could have added an API key to root ;-)
https://github.com/opnsense/core/blob/master/src/opnsense/mvc/app/models/OPNsense/Diagnostics/ACL/ACL.xml#L16-L22
Hello Franco,
thank you for your reply. As I also found this reference in the code, I already granted permission "Diagnostics: Routing Tables" to the user. But that does not work as I get "Authentication failed". So maybe there is a bug?
Regards,
Andreas