topic Re: Not authorized for REST API command in ONTAP Rest API Discussions

Not authorized for REST API command

tmkhrg — Wed, 04 Jun 2025 09:57:01 GMT

We are currently trying to use the REST webservice to get and adjust the retention time of a document, but always get the response that the user isn't authorized for that command.

We started by creating a role on our vserver like this:

security login rest-role create -role snaplockall -api /api/storage/snaplock -access all -vserver vs1.example.com

We called that role "snaplockall" and it looks like this in the GUI:

We then assigned the role as a HTTP-role to a newly created user called "snaplocktest" and gave a password to the user.

With that user we are trying a GET method on:

/storage/snaplock/file/{volume.uuid}/{path}

and always get

{ "error": { "message": "not authorized for that command", "code": "6" } }

Are we missing a role or is there anything else we could try?

EDIT: We are using ONTAP Verison 9.7

Re: Not authorized for REST API command

RobertBlackhart — Tue, 06 Sep 2022 12:31:07 GMT

Are you using a LIF that belongs to vs1.example.com to access the API? Did you try the same pattern with some other API (unrelated to snaplock) as a test and see if that allowed access?

Re: Not authorized for REST API command

tmkhrg — Wed, 07 Sep 2022 09:34:03 GMT

@RobertBlackhart wrote:
Are you using a LIF that belongs to vs1.example.com to access the API? Did you try the same pattern with some other API (unrelated to snaplock) as a test and see if that allowed access?

Yes, we do.

@RobertBlackhart wrote:
Are you using a LIF that belongs to vs1.example.com to access the API? Did you try the same pattern with some other API (unrelated to snaplock) as a test and see if that allowed access?

I just tried "/api/security/roles" and get the same message. Even if I just try "/api" I get that message.