[admin@MikroTik] > /ip/service/print
Flags: X - DISABLED, I - INVALID
Columns: NAME, PORT, ADDRESS, CERTIFICATE, VRF

NAME PORT ADDRESS CERTIFICATE VRF

0 X telnet 23 main
1 X ftp 21
2 www 80 172.16.0.0/24 main
3 X ssh 22 main
4 X www-ssl 443 none main
5 api 8728 0.0.0.0/0 main
6 winbox 9291 main
7 X api-ssl 8729 root-cert main
[admin@MikroTik] > /tool fetch http-method=get url=http://172.16.0.1:8728/rest/sys
tem/resource check-certificate=no user=admin password=""
status: failed

failure: Idle timeout - waiting data

Remove the “allowed access”. It should be grey in winbox, so may need to hit the up arrow there to remove it. Otherwise, it matching if the caller’s IP is 0.0.0.0 I suspect. Although I get 0.0.0.0/0 should be everything… I know it being unset means allowed everywhere for sure.

Opps. By “API”, you mean the REST API. That’s a different problem. When you use the CLI, the src-address is loopback 172.0.0.1. So that needs to be in the allowed-address for www in your case.

And, as REST is an HTTP-based API, the port for it is “80” NOT 8728.

/tool fetch url=http://172.16.0.1/rest/ip/address

And remove the port 8728 from the url…

LOL. I have the edit window open but didn’t hit save.

Better url to output to screen. output=user will cause it print to console to see results.

/tool fetch url=http://172.16.0.1/rest/ip/address output=user

Thanks actually the doc said www but i totally ignored it bcz the winbox states api service. it worked. How can i edit the title to solved?

Find the reply that helped solve the problem and use the checkbox on the very right side of the reply header. Alternatively you can mark your own reply where you stated that the problem has been resolved.