Bug ID 1108181: iControl REST call with token fails with 401 Unauthorized

Last Modified: May 29, 2024

Affected Product(s):
BIG-IP TMOS(all modules)

Known Affected Versions:
17.0.0,, 15.1.6,, 14.1.5,, 13.1.5

Fixed In:
17.1.0,, 16.1.3,,

Opened: May 20, 2022

Severity: 2-Critical


For a short period after creating or refreshing a token, the iControl REST calls may fail with a 401 Unauthorized error and an HTML body content, or a 401 F5 Authorization Required error and a JSON body content. When using F5 Ansible modules for BIG-IP, the modules may fail with an error "Expecting value: line 1 column 1 (char 0)". The AS3 may return an error "AS3 API code: 401".


The iControl REST calls may temporarily fail (typically less than 1 second) after the creation or refresh of an iControl REST token.


- REST call using valid token. - Can commonly occur on the call after a token has been refreshed or a Token list has been requested.


After being issued a token or refreshing a token, wait a second before attempting to use it. If this does not work, request a new token. No workaround exists for AS3 or F5 Ansible BIG-IP modules.

Fix Information

A race condition on a PAM file update has been resolved. Tokens should remain valid.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips