2 of 2 people found this helpful
The authenticated user must be a member of the local PI Web API administrators group to read this endpoint.
Thanks for the quick reply. I'm still not clear on what I need to do. I've added a user to the local PI Web API Admins group (that was created by default when the Pi Web API was installed) with a username and password. If a remote developer wants access to the system/status endpoint (whether through a GET or just via a browser using https://<host server>/piwebapi/system/status), it doesn't ask for a username and password, it just gives me the same "Authorization has been denied". I'm very new to OSI Pi, having been asked to set up a PI Server for a proof of concept, so these may seem like trivial questions. I've also changed the "AuthenticationMethods" in the PI System Explorer to both "Basic" and "Anonymous". Should I only use Basic, or can I keep it Anonymous and still be able to have remote developers access the system/status endpoint? Thanks again for the help!
1 of 1 people found this helpful
Whats the need to access the status endpoint? If you are trying to know if the service is running that can easily be verified hitting the base endpoint -- it either responds or it doesn't. In regards to your question, anonymous authentication will have precedence over any other authentication protocol, and in this configuration, all calls will be made on behalf of the service account of the PI Web API service. In this scenario, the service account has to be listed in the admin group to view the system endpoint. Using basic authentication will require you to have your remote users listed in the admin group to be able to hit the system endpoint.