Icinga Director REST API - API users not working

Hi,
in my environment icinga Director master is working properly and I have tested successfully with my user credentials multiple REST methods explained here
https://icinga.com/docs/director/latest/doc/70-REST-API/

My issue now, -and please forgive my ignorance as I am new to this world- I have created a user named test with a basic password in the section >Icinga director> Icinga Api Users
as you see here

I am testing the API calls with the new created user credentials but they are not working successfully! also curl is not showing me any error results or any clue!
Any Idea or help would be very much appreciated.
Thanks
Jaber

Hey Jaber,

maybe this can help? Add the user to a role with the needed permissions.

Source:

2 Likes

Hallo Lukas and thanks for your reply,
Bad news is, I can not follow the given solution because I don’t have the possibility to create new user! I n another word, I don’t have the create Option or any option appearing on my screen!

interesting is that I have the option to create a Role but no option to crearte a user!

by the way, the user I am user is member of Administrators group.
I hope some one could advice in this regards.
Thanks
Jaber

Hey Jaber,

do u have multiple user backends? Try to change it to “icingaweb2” or another non-AD Backend. Than the botton appears.

1 Like

Director Api and Icinga Api are different things.
-If you want to add host with the Director Api you need to use an icingaweb2 user with director Api permissions and not an Icinga Api user. If you want to do something with the Icinga2 Api, the icinga Api user is enough.

-You can’t add users because you are ldap authenticated. Just create a role, that have director api permissions and add LDAP users to this group. You simply can type in a name of an existing ldap user, or select them, if ldap is correctly configured.

To create users you need another authentication method, like mysql database where these “local” users are stored like @lukas mentioned.

1 Like

exactly how I solved the issue, by creating a role and adding an LDAP user to a group.
Thanks very much for Lukas and Rafael : )
cheers!
Jaber

1 Like