OPNsense Forum
Archive => 19.1 Legacy Series => Topic started by: haaa on July 24, 2019, 09:38:33 am
-
Hello,
I just wrote my first script to determine active routing table entries automatically by using the API. For this purpose I create a user, granted the permission for "Diagnostics: Routing Tables" and added an API key. When using curl to get https://<IP>/api/diagnostics/interface/getroutes, I get "Authentication failed". Adding permission "All pages" to the user leads me to the correct result.
What permission do I have to enable to only allow the user reading the routing tables?
Thank you in advance,
Andreas
-
Did you set api key and secret before in your curl?
-
Yes, of course.
-
Have you tried to put the user in admin group?
-
No, because that is not, what I want. The user shall have the permission to display routing table, and ONLY this permission. I don't want to have an additional admin user. For this I could have added an API key to root ;-)
-
https://github.com/opnsense/core/blob/master/src/opnsense/mvc/app/models/OPNsense/Diagnostics/ACL/ACL.xml#L16-L22
-
Hello Franco,
thank you for your reply. As I also found this reference in the code, I already granted permission "Diagnostics: Routing Tables" to the user. But that does not work as I get "Authentication failed". So maybe there is a bug?
Regards,
Andreas