Getting Data In

How can I authenticate (Basic HTTP) a workflow action?

dpanych
Communicator

I am collecting O365 email logs using Microsoft's MessageTrace api. There is another api called MessageTraceDetail, which uses two fields from an email event (MessageTraceId and RecipientAddress). I was able to build to a workflow action that calls the api using the two criteria from an event, it works great, but it asks for authentication (username and password) to O365. Once I log in, it displays the results fine, in json. Is there any way to securely bake in those credentials in a conf so that the user doesn't need to input credentials?

API: https://reports.office365.com/ecp/reportingwebservice/reporting.svc/MessageTraceDetail?$format=json&... eq '$RecipientAddress$' and MessageTraceId eq guid'$MessageTraceId$'

0 Karma

kalifehj
Explorer

The Office 365 Reporting web service uses basic authentication. Which means that you have to send a Authorization header with your request. The header value is "Basic base64encode(username:password)", look up basic authentication and you will see examples.

I don't see a way to send this header using workflow actions. If you don't write your own python scripts, you should check out:
Splunk REST API Modular Input app -https://splunkbase.splunk.com/app/1546/
REST storage/passwords Manager for Splunk - https://splunkbase.splunk.com/app/4013/

If you want to index messagetrace and messagetracedetail data, you need to request the trace data, take the values from the trace and put them in the tracedetail request. You can set this up to run all the time and index all mail trace and tracedetail events.

Register for .conf21 Now! Go Vegas or Go Virtual!

How will you .conf21? You decide! Go in-person in Las Vegas, 10/18-10/21, or go online with .conf21 Virtual, 10/19-10/20.