It tuns out that an openhab user needs to belong at least to either the administrator or the user role. Otherwise, the user will not be able to access any page contents, as the REST API will return this kind of unauthorised errors.
Then, you can add additional roles to a given user to manage access to the various pages depending on your needs at a role level, because one user can belong to several roles. Unfortunately, it seems there is no UI to perform this task as of version 3.1, neither through the web ui nor through the openhab karaf console.
The only way I found to add a user to several roles is manually editing the userdata/jsondb/users.json file. Look at this example where user hpi belongs to 2 roles: user and atelier:
{
"hpi": {
"class": "org.openhab.core.auth.ManagedUser",
"value": {
"name": "hpi",
"passwordHash": ....
"roles": [
"user",
"atelier"
],
"sessions": [
...
]
}
},
"jennifer": {
"class": "org.openhab.core.auth.ManagedUser",
"value": {
"name": "jennifer",
"passwordHash": ...
"roles": [
"user",
"maison"
],
As with all modifications to JSON DB, I guess you need to do this modification while openhab is not running.
I found it quite convenient to manage access to various items depending roles and not on the user id itself. That way, definition of the layouts is faster and more flexible. You reduce the risk of forgetting to add a user to access a specific UI part.