How does one grant permissions to the API Browser without giving them admin access?
The API browser (Swagger UI) expects a username and a password to run any queries against the Graylog REST API.
So effectively, all queries will be executed as the user account given to the API browser. You don’t need to be administrator to use it.
Thanks, would a user account be able to view the /api-browser link? I created a user and gave it access to a stream but when I use the api-browser url it is empty. It simply displays the graylog logo, the words API Browser, and two empty boxes (which I assume are username and password). Then it is blank where all the api options would normally be and finally the phrase "This browser is a customized version of the great Swagger project.
Yes, users can just open the API browser (but not execute any queries without valid user account).