Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

How to delete session_key when done in REST API as non-admin user

newfdawg
Explorer
‎06-08-2012 01:04 PM

After programatically getting the session_key:
curl -k -u admin:pass https://localhost:8089/services/auth/login -d username=non-admin-user -d password=pass
and then using that for the rest of the tasks via the API. How do I as this same user (a non-admin user) release or delete the session key?
Also - does anyone know the lifetime of the session key?

Thank you!

  • Chris
Tags (2)
Reply
1 Solution
Solved! Jump to solution
Solution

gkanapathy
Splunk Employee
Splunk Employee
‎06-08-2012 03:31 PM

You can delete it with a DELETE http method call to the rest endpoint https://localhost:8089/services/authentication/httpauth-tokens/_authtokenname_

The duration of a session is set in server.conf [general] sessionTimeout.

update:

appears you could use curl:

curl -k -X DELETE -H "Authorization: Splunk 1a2b3c4d5e6f7g8h90" https://localhost:8089/services/authentication/httpauth-tokens/1a2b3c4d5e6f7g8h90

View solution in original post

Reply
Solved! Jump to solution

newfdawg
Explorer
‎06-11-2012 02:18 PM

Thanks! It's 60 minutes on mine and that matches what I am seeing.

0 Karma
Reply
Solved! Jump to solution
Solution

gkanapathy
Splunk Employee
Splunk Employee
‎06-08-2012 03:31 PM

You can delete it with a DELETE http method call to the rest endpoint https://localhost:8089/services/authentication/httpauth-tokens/_authtokenname_

The duration of a session is set in server.conf [general] sessionTimeout.

update:

appears you could use curl:

curl -k -X DELETE -H "Authorization: Splunk 1a2b3c4d5e6f7g8h90" https://localhost:8089/services/authentication/httpauth-tokens/1a2b3c4d5e6f7g8h90
Reply
Solved! Jump to solution

newfdawg
Explorer
‎06-11-2012 02:15 PM

Thank you - that did it! (After I added the edit_httpauths capability to the user's role).

0 Karma
Reply
Solved! Jump to solution

kristian_kolb
Ultra Champion
‎06-08-2012 01:22 PM

I suspect it's the same session length as for web GUI logins (Manager -> System Settings -> General Settings)
The actual setting is in server.conf.

As for deleting the session key, well, that's beyond me.

0 Karma
Reply
Get Updates on the Splunk Community!

Stay Connected: Your Guide to November Tech Talks, Office Hours, and Webinars!

🍂 Fall into November with a fresh lineup of Community Office Hours, Tech Talks, and Webinars we’ve ...

Transform your security operations with Splunk Enterprise Security

Hi Splunk Community, Splunk Platform has set a great foundation for your security operations. With the ...

Splunk Admins and App Developers | Earn a $35 gift card!

Splunk, in collaboration with ESG (Enterprise Strategy Group) by TechTarget, is excited to announce a ...