https://communities.vmware.com/t5/Horizon-Desktops-and-Apps/Permissions-required-to-authenticate-to-REST-API/m-p/2314073#M91313 <HTML><HEAD></HEAD><BODY><P>Hello,</P><P></P><P>One of our teams is requesting access to the Horizon 7.10 REST API to gather user session information and statistics.&nbsp; I granted them Administrators(Read-only) role, but when trying to authenticate they get&nbsp; </P><P>{</P><P>&nbsp; "status": "UNAUTHORIZED",</P><P>&nbsp; "timestamp": 1604401593260,</P><P> "error_message": "Only Administrator on Root are allowed to access the REST APIs."</P><P>}</P><P></P><P>Granting full Administrator access resolves this issue but I don't want them to have full Administrator permissions.&nbsp; Does anyone know the minimum necessary permissions to authenticate to the REST API and gather user session data?</P><P></P><P>Thank you!</P></BODY></HTML> Tue, 03 Nov 2020 19:35:25 GMT JustinRSiess 2020-11-03T19:35:25Z https://communities.vmware.com/t5/Horizon-Desktops-and-Apps/Permissions-required-to-authenticate-to-REST-API/m-p/2314073#M91313 <HTML><HEAD></HEAD><BODY><P>Hello,</P><P></P><P>One of our teams is requesting access to the Horizon 7.10 REST API to gather user session information and statistics.&nbsp; I granted them Administrators(Read-only) role, but when trying to authenticate they get&nbsp; </P><P>{</P><P>&nbsp; "status": "UNAUTHORIZED",</P><P>&nbsp; "timestamp": 1604401593260,</P><P> "error_message": "Only Administrator on Root are allowed to access the REST APIs."</P><P>}</P><P></P><P>Granting full Administrator access resolves this issue but I don't want them to have full Administrator permissions.&nbsp; Does anyone know the minimum necessary permissions to authenticate to the REST API and gather user session data?</P><P></P><P>Thank you!</P></BODY></HTML> Tue, 03 Nov 2020 19:35:25 GMT https://communities.vmware.com/t5/Horizon-Desktops-and-Apps/Permissions-required-to-authenticate-to-REST-API/m-p/2314073#M91313 JustinRSiess 2020-11-03T19:35:25Z https://communities.vmware.com/t5/Horizon-Desktops-and-Apps/Permissions-required-to-authenticate-to-REST-API/m-p/2807504#M91314 <P>Hi,</P><P>Accordig to this documentation: <A href="https://techzone.vmware.com/resource/using-vmware-horizon-server-rest-api#_Toc47441708" target="_blank" rel="noopener">https://techzone.vmware.com/resource/using-vmware-horizon-server-rest-api#_Toc47441708</A>&nbsp;the user must be an administrator at /Root.</P><P>&nbsp;</P><P><SPAN class="text">Logging In to the Horizon Server REST API</SPAN></P><P>The Horizon Server REST API uses a<SPAN>&nbsp;</SPAN><A href="https://en.wikipedia.org/wiki/JSON_Web_Token" target="_blank" rel="noopener"><SPAN>JSON Web Token</SPAN></A><SPAN>&nbsp;</SPAN>(JWT) for securing access to the API endpoints. This JWT is initially obtained by authenticating to the<SPAN>&nbsp;</SPAN>/login<SPAN>&nbsp;</SPAN>endpoint. The access token, along with a refresh token used to acquire a new access token, is returned as a JSON string. The access token is added to each API call as an Authentication header. (This will be covered later in this document.) In order to access the REST API, the user must be an administrator at<SPAN>&nbsp;</SPAN>/Root.</P><P>&nbsp;</P> Mon, 09 Nov 2020 07:47:36 GMT https://communities.vmware.com/t5/Horizon-Desktops-and-Apps/Permissions-required-to-authenticate-to-REST-API/m-p/2807504#M91314 RoderikdeBlock 2020-11-09T07:47:36Z