Hello Experts,


I am working on an issue where we want to run the below REST API to monitor the active sessions.

We followed the documentation and created the 2 users under Administration > System > Admin Access > Administrators > Admin Users 

"ersadmin1” with the “Admin Groups” = “ERS Admin”

"admin1” with the “Admin Groups” = “Super Admin”

When, we run the REST API with the user “ersadmin1”, we are getting the below error always;

    Status Code: 401 Unauthorized

    Cache-Control: private

    Content-Length: 1027

    Content-Type: text/html;charset=utf-8

    Date: Wed, 03 Feb 2016 19:56:37 GMT

    Expires: Wed, 31 Dec 1969 18:00:00 CST

    Unauthorized: 401

    X-Frame-Options: SAMEORIGIN

When, we run the REST API with the user “admin1”, we are getting the below success message;

    Status Code: 200 OK

    Cache-Control: private

    Content-Length: 467

    Content-Type: application/xml;charset=UTF-8

    Date: Wed, 03 Feb 2016 19:53:25 GMT

    Expires: Wed, 31 Dec 1969 18:00:00 CST

    Set-Cookie: JSESSIONIDSSO=F139B62117617AC2D5A9835F288914A1; Path=/; Secure; HttpOnly

    JSESSIONID=53EDE72CFC828190EAAA2A3E9BA5BC36; Path=/admin/; Secure; HttpOnly

    X-Frame-Options: SAMEORIGIN

I looks like a buggy behavior and I tested on ISE 1.3 and 1.4 both. What are your comments on it?