is is possible to use Splunk's web session ID to authenticate a REST API call in a custom REST service?
Hi,
Here I am assuming that Custom REST is on Splunk Instance only and If your custom rest service is exposed to Splunk Web then yes you can use SplunkWeb CSRF Token for custom rest authentication.
For example:
I have dashboard which is using Javascript and hitting custom rest service in same Splunk instance and that custom rest is exposed to Splunk Web.
So in Javascript
xhr.setRequestHeader('X-Splunk-Form-Key', document.cookie.match(/splunkweb_csrf_token_8000=(\d+)/)[1]);
and custom rest which is exposed to Splunk Web is accessible at /en-US/splunkd/__raw/services/my_custom_rest