Trying to use the REST API to pull a list of computers. The browser pops up a username/password box and when we enter the username/password it just pops up the box again. What permissions does the user need in Bigfix to be able to pull data via the REST API? I can’t find any information about this in the documentation…which would be helpful.
So, when you use the ‘login’ method (either through scripting or through the browser), once you give the rest API a username/password (of a console user), you get a certificate back. This certificate can then be used in subsequent interactions via ReST. A good way to see this is by using something like ‘poster’ or ‘postman’ within a browser, and you can clearly see the interactions.
If you want some examples in python and ruby, see my blog series at: https://www.ibm.com/developerworks/community/blogs/edgeCity/entry/the_young_and_restless_or_web_service_queries_for_the_rest_of_us?lang=en
You shouldn’t need any special permissions to get a list of computers. The list of computers you get should only contain computers in which the user that was used with the REST API has management rights over.
I’d recommend testing the REST API using CURL with SSL verification disabled.
1 Like
…Or the ‘iem’ command line. See, below, for picts of the commandline & chrome postman. Cmdline:
Postman:
All best,
celty
This… when I do all of my API testing I go:
curl -k -u USERNAME http://TEM_SERVER:52315/api/computers or something. -k is for insecure. -u is username, and then curl prompts you to enter a password for your username.
1 Like
Here’s an example powershell script to query actions from my bigfix server, using my master operator username/password (feel free to use this code, just give me a credit in your source if you will).:
Notice that I use the powershell v2.0 Invoke-WebRequest (line 53), but you could just as easily uncomment line 57, and use the .3.0 Invoke-RestMethod, instead.
Also, notice that I turn off SSL-verification (in lines 17 - 28), for ease-of-testing, and I log-in, by putting the encoded username/password in the header (i.e. $headers).
Lastly, notice the ‘computers’ in line 49 will give you computer ids & last-report-time
best,
celty
1 Like