Archive
Highlighted

web session ID usable for rest session?

New Member

is is possible to use Splunk's web session ID to authenticate a REST API call in a custom REST service?

Tags (1)
0 Karma
Highlighted

Re: web session ID usable for rest session?

SplunkTrust
SplunkTrust

Hi,

Here I am assuming that Custom REST is on Splunk Instance only and If your custom rest service is exposed to Splunk Web then yes you can use SplunkWeb CSRF Token for custom rest authentication.

For example:
I have dashboard which is using Javascript and hitting custom rest service in same Splunk instance and that custom rest is exposed to Splunk Web.

So in Javascript

xhr.setRequestHeader('X-Splunk-Form-Key', document.cookie.match(/splunkweb_csrf_token_8000=(\d+)/)[1]);

and custom rest which is exposed to Splunk Web is accessible at /en-US/splunkd/__raw/services/my_custom_rest

0 Karma