Hello,
I have created a test user in graylog 3.1.2, given him the “Reader” role and an API key. However, when trying to search for some data I always get
{
“type”: “ApiError”,
“message”: “Not authorized”
}
I have tried giving all possible permissions to no avail. Only adding the user to the “Admin” group helps.
how did you searched with the user (exact call) does the user had access to any stream and was the search filtered on the stream he had access to or did you tried the “universal” search with the user that has reader roles only?
Hello,
I enabled all the streams in the user’s settings while testing.
I was trying just with /universal/ . Now I added &streams:000000000000000000000001 but that didn’t help.
The request is now as follows:
curl -s -u foobarbaz:token -H ‘Accept: application/json’ -H ‘X-Requested-By: cli’ -X GET ‘http://127.0.0.1:9000/api/search/universal/relative?query=message%3Amy_message%20AND%20identifier%my_identifier&range=86400&fields=foo%2Cbar%2Crelay_received_datetime&sort=relay_received_datetime:desc&streams:000000000000000000000001’
the universal/default stream is nothing a non admin user can use.
My syntax for stream filtering was wrong. It is not part of the “fields”, but of “filter”.
Therefore, to a search, one needs to append: “&filter=streams:000000000000000000000001” (or whichever stream they need)
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.
