Security

cppm version is 6.6.8. I test the REST API step by step from the document "ClearPass REST APIs.pdf".  In the lab, I can get the bearer code, and test the privileges API success.

curl -X GET "https://172.16.6.137/api/oauth/privileges" \

-H "Accept: application/json" \

-H "Authorization: Bearer 99be2c41d05f6bda5b6011d7d23baa83d5fa1bc6" \

-m 30 \

-v \

-k

return：status：200.

But I try to test API for query some MAC in endpoint, it's wrong.

curl -X GET "https://172.16.6.137:443/api/endpoint/mac-address/005056a24df1" \

-H "Authorization: Bearer 99be2c41d05f6bda5b6011d7d23baa83d5fa1bc6" \

-m 30 \

-v \

-k

return:

{
  "type": "http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html",
  "title": "Forbidden",
  "status": 403,
  "detail": "Access denied"
}

What's the problem? Somebody can help me?

I use the operator IT Administrators profile , it also wrong.

yes, successful. I find the wrong: the role of my local user is different from the operator role.

THANK YOU!!!

Request URL

https://172.16.6.137:443/api/insight/endpoint/mac/111111111111

Response Body

{
  "mac": "111111111111",
  "ip": "",
  "user": "test",
  "domain": "",
  "roles": null,
  "spt": "UNKNOWN",
  "device_category": "",
  "device_family": "",
  "device_name": "",
  "is_online": false,
  "updated_at": "2018-07-12T18:57:19+08:00"
}

Response Code

200

Hi,

I am using CP 6.6.7.

When i am trying to connect with the API i receive a error 403 (using default API Guest Operator)
When i am using the Super Administrator profile it is working.

Does someone has a suggestion?