Bug ID 1108181: iControl REST call with token fails with 401 Unauthorized

Last Modified: Jan 19, 2023

Bug Tracker

Affected Product:  See more info
BIG-IP TMOS(all modules)

Known Affected Versions:
17.0.0,, 15.1.6,, 14.1.5,, 13.1.5

Fixed In:, 16.1.3,,

Opened: May 20, 2022
Severity: 2-Critical


For a short period after creating or refreshing a token, the iControl REST calls may fail with a 401 Unauthorized error and an HTML body content, or a 401 F5 Authorization Required error and a JSON body content. When using F5 Ansible modules for BIG-IP, the modules may fail with an error "Expecting value: line 1 column 1 (char 0)". The AS3 may return an error "AS3 API code: 401".


The iControl REST calls may temporarily fail (typically less than 1 second) after the creation or refresh of an iControl REST token.


- REST call using valid token. - Can commonly occur on the call after a token has been refreshed or a Token list has been requested.


After being issued a token or refreshing a token, wait a second before attempting to use it. If this does not work, request a new token. No workaround exists for AS3 or F5 Ansible BIG-IP modules.

Fix Information

A race condition on a PAM file update has been resolved. Tokens should remain valid.

Behavior Change