Permissions required to authenticate to REST API


One of our teams is requesting access to the Horizon 7.10 REST API to gather user session information and statistics.  I granted them Administrators(Read-only) role, but when trying to authenticate they get 


  "status": "UNAUTHORIZED",

  "timestamp": 1604401593260,

"error_message": "Only Administrator on Root are allowed to access the REST APIs."


Granting full Administrator access resolves this issue but I don't want them to have full Administrator permissions.  Does anyone know the minimum necessary permissions to authenticate to the REST API and gather user session data?

Thank you!

0 Kudos
1 Reply


Accordig to this documentation: https://techzone.vmware.com/resource/using-vmware-horizon-server-rest-api#_Toc47441708 the user must be an administrator at /Root.


Logging In to the Horizon Server REST API

The Horizon Server REST API uses a JSON Web Token (JWT) for securing access to the API endpoints. This JWT is initially obtained by authenticating to the /login endpoint. The access token, along with a refresh token used to acquire a new access token, is returned as a JSON string. The access token is added to each API call as an Authentication header. (This will be covered later in this document.) In order to access the REST API, the user must be an administrator at /Root.


Roderik de Block

Blog: https://roderikdeblock.com
0 Kudos