User Privilege Levels and REST API Access
Each API URL resource (e.g., alarms/active) and HTTP method (GET, PUT, POST or DELETE) has a minimum user privilege (access) level. For example, only REST users with Security Administrator level can replace (PUT) the device's License Key.
REST users and their access levels (Monitor, Administrator, and Security Administrator) are configured in the Local Users table (like for other management interfaces).
REST users accessing through LDAP or RADIUS must have a minimum access level of 50 (read-only). For prohibited user access, the device responds with a 403 Forbidden Status.
User access to the REST API directories also depends on the user's access level:
Minimum User Access Level per Directory
|
Direcory |
Minimum User Level |
|---|---|
|
/actions |
Administrator |
|
/alarms |
Monitor |
|
/files |
Administrator |
|
/kpi |
Monitor |
|
/license |
Administrator |
|
/sipTestCall |
Monitor |
|
/status |
Monitor |
For a supported HTTP method, if access is denied due to a user's access level, a 403 Forbidden Status or 405 Method Not Allowed response is sent by the device. For requested resources that do not have any content, a 400 Bad Request response is sent.
The following table lists the REST API resources and the corresponding user access level per HTTP method supported for that resource.
Minimum User Access Level per REST API Resource
|
REST API |
HTTP Method |
|||
|---|---|---|---|---|
|
|
GET |
PUT |
POST |
DELETE |
|
/api/v1/versions |
Monitor |
405 Method Not Allowed |
405 Method Not Allowed |
405 Method Not Allowed |
|
actions |
Administrator |
405 Method Not Allowed |
405 Method Not Allowed |
405 Method Not Allowed |
|
actions/authToken |
405 Method Not Allowed |
405 Method Not Allowed |
Security Administrator |
405 Method Not Allowed |
|
actions/reset |
405 Method Not Allowed |
405 Method Not Allowed |
Administrator |
405 Method Not Allowed |
|
actions/saveConfiguration |
405 Method Not Allowed |
405 Method Not Allowed |
Administrator |
405 Method Not Allowed |
|
alarms |
Monitor |
405 Method Not Allowed |
405 Method Not Allowed |
405 Method Not Allowed |
|
alarms/active |
Monitor |
405 Method Not Allowed |
405 Method Not Allowed |
405 Method Not Allowed |
|
alarms/history |
Monitor |
405 Method Not Allowed |
405 Method Not Allowed |
405 Method Not Allowed |
|
files |
Administrator |
405 Method Not Allowed |
405 Method Not Allowed |
405 Method Not Allowed |
|
files/amd |
405 Method Not Allowed |
Administrator |
405 Method Not Allowed |
405 Method Not Allowed |
|
files/casTable |
405 Method Not Allowed |
Administrator |
405 Method Not Allowed |
405 Method Not Allowed |
|
files/cliScript |
Security Administrator |
Security Administrator |
405 Method Not Allowed |
405 Method Not Allowed |
|
files/cliScript/incremental |
405 Method Not Allowed |
Security Administrator |
405 Method Not Allowed |
405 Method Not Allowed |
|
files/configurationPackage.tar.gz |
Security Administrator |
Security Administrator |
405 Method Not Allowed |
405 Method Not Allowed |
|
files/cpt |
405 Method Not Allowed |
Administrator |
405 Method Not Allowed |
405 Method Not Allowed |
|
files/dialplan |
405 Method Not Allowed |
Administrator |
405 Method Not Allowed |
405 Method Not Allowed |
|
files/fxo |
405 Method Not Allowed |
Administrator |
405 Method Not Allowed |
405 Method Not Allowed |
|
files/fxs |
405 Method Not Allowed |
Administrator |
405 Method Not Allowed |
405 Method Not Allowed |
|
files/ini |
Security Administrator |
Security Administrator |
405 Method Not Allowed |
405 Method Not Allowed |
|
files/ini/incremental |
405 Method Not Allowed |
Security Administrator |
405 Method Not Allowed |
405 Method Not Allowed |
|
files/prt |
405 Method Not Allowed |
Administrator |
405 Method Not Allowed |
405 Method Not Allowed |
|
files/sbcWizard |
405 Method Not Allowed |
Administrator |
405 Method Not Allowed |
405 Method Not Allowed |
|
files/software |
405 Method Not Allowed |
Administrator |
405 Method Not Allowed |
405 Method Not Allowed |
|
files/software/hitless |
405 Method Not Allowed |
Administrator |
405 Method Not Allowed |
405 Method Not Allowed |
|
files/tls |
Security Administrator |
Security Administrator |
Security Administrator |
405 Method Not Allowed |
|
files/usersInfo |
405 Method Not Allowed |
Administrator |
405 Method Not Allowed |
405 Method Not Allowed |
|
kpi |
Monitor |
405 Method Not Allowed |
405 Method Not Allowed |
405 Method Not Allowed |
|
license |
Administrator |
Security Administrator |
405 Method Not Allowed |
405 Method Not Allowed |
|
mc_status |
Monitor |
405 Method Not Allowed |
405 Method Not Allowed |
405 Method Not Allowed |
|
sipTestCall |
Monitor |
405 Method Not Allowed |
Monitor |
Monitor |
|
sipTestCall/dial |
405 Method Not Allowed |
405 Method Not Allowed |
Monitor |
405 Method Not Allowed |
|
sipTestCall/getStatus |
Monitor |
405 Method Not Allowed |
405 Method Not Allowed |
405 Method Not Allowed |
|
sipTestCall/drop |
405 Method Not Allowed |
405 Method Not Allowed |
405 Method Not Allowed |
Monitor |
|
sipTestCall/show |
Monitor |
405 Method Not Allowed |
405 Method Not Allowed |
405 Method Not Allowed |
|
status |
Monitor |
405 Method Not Allowed |
405 Method Not Allowed |
405 Method Not Allowed |