REST API authenticates as "guest" user when no authorization is provided - Support and Troubleshooting

REST API authenticates as "guest" user when no authorization is provided Issue  REST API authenticates as "guest" user when no authorization is provided

Issue When using an inbound REST API call with no authorization provided, records are created as the "guest" user.

The system logs, with the REST debugger enabled, start by showing the following entries: API_INT-thread-2 SYSTEM DEBUG: #450619 [REST API] RESTAPIProcessor : Started initializing REST Request API_INT-thread-2 SYSTEM DEBUG: #450619 [REST API] URIHandler : Resolving URI: /now/table/incident API_INT-thread-2 SYSTEM DEBUG: #450619 [REST API] RESTAPIProcessor : URI Resolving Duration duration_micro_secs=296 API_INT-thread-2 SYSTEM DEBUG: #450619 [REST API] RESTAPIProcessor : Finished initializing REST Request API_INT-thread-2 SYSTEM HTTP authorization validated user 'guest'

Symptoms When making an inbound REST API web service call to the instance, the user is authenticated as "guest".

REST API call with no authorization header. REST API call with an authorization header. "guest" user account is used to process the request.

Cause By default, the system property glide.basicauth.required.api is set to true. When this value is false, all inbound REST API calls are processed as the "guest" user.

Resolution Modify the glide.basicauth.required.api sys_properties record and set the value to true .

In the filter navigator, enter sys_properties.LIST . Search for name = glide.basicauth.required.api. Update the value from false to true. Click Update to save the new value.