2 Replies Latest reply on Jul 10, 2017 4:40 AM by trungkfc

    permission require to access to restful API in Network Security Manager


      Hi There,


      I tried to access the NSM resource by using API but the server says "Invalid credentials"

      I follow step bellow:

      1. get session and user_id by send request to https://<nsm_ip>/sdkapi/session

      => Login successful and send back session and user_id

      2. Access to resource: by send request to https://<nsm_ip>/sdkapi/heartbeat with base64(session:user_id)

      => Server sent back "Invalid credentials"


      My user has role Security Expert.

      When I change the role of my user from Security Expert to Super User, I can access the resource (Server do not send back "Invalid credentials"). I tried with role IPS Administrator as well but the response is same with role Security Expert. Only Super User can access to the API.


      So, anyone knows exactly permission require to access to the API?


      Here is all permission of Super User:

      Alert Assignment Supervisor

      Alerts - View Packet Logs

      Analysis - Edit

      Analysis - View Only

      Configuration Reports - IPS - Create

      Configuration Reports - IPS - Run Only

      Configuration Reports - NTBA - Create

      Configuration Reports - NTBA - Run Only


      Deploy Changes - IPS

      Deploy Changes - NTBA

      Devices - Edit

      Devices - Edit

      Devices - View Only

      ePO Dashboard Data Retrieval

      Event Reports - IPS - Create

      Event Reports - IPS - Run Only

      Event Reports - NTBA - Create

      Event Reports - NTBA - Run Only

      Guest Portal User Account Manager

      IPS Policy - Edit

      IPS Policy - View Only

      Manage IPS - Edit

      Manage IPS - View Only

      Manage Manager - Edit

      Manage Manager - View Only

      Manage NTBA - Edit

      Manage NTBA - View Only

      NTBA Policy - Edit

      NTBA Policy - View Only

      Run Vulnerability Scan

      TA Alerts - Manage

      TA Alerts - View Only

      TA Dashboards - General Monitors - Create

      TA Dashboards - General Monitors - View Only

      TA Dashboards - IPS Monitors - Create

      TA Dashboards - IPS Monitors - View Only

      TA Dashboards - NTBA Monitors - Create

      TA Dashboards - NTBA Monitors - View Only

      TA Edit IPS Policy

      TA Edit NTBA Policy

      TA Endpoints - Manage

      TA Endpoints - View Only

      TA Retrieve ePO Data

      User Auditing - Edit

      Users and Roles - Edit

      Users and Roles - View Only 


      Thanks for your help