User groups and access authorization

All users can log in to the switch and log out of the switch using the POST method of the \login and \logout resources. For other switch resources, the access authorization granted to a user is determined by the group to which the user belongs. Each user group is assigned number that represents a privilege level. This number is used to represent the user group in logs and in places in which the group name is too long to display.

The following user groups are supported:

User group Privilege level Description



Authorized for read access to non-sensitive data.



Authorized for read and write access to all switch resources. Write access also requires that the REST API is in read/write access mode.



Authorized for read access to audit log (/logs/audit) and event log (/logs/event) resources only.

If a user attempts a request for which they are not authorized, the switch returns an HTTP 403 "Forbidden" error.

If an authorized user attempts a write request but the REST API is in read-only mode, the switch returns an HTTP 404 "Page not found" error.