Getting Data In

How to delete session_key when done in REST API as non-admin user

newfdawg
Explorer

After programatically getting the session_key:
curl -k -u admin:pass https://localhost:8089/services/auth/login -d username=non-admin-user -d password=pass
and then using that for the rest of the tasks via the API. How do I as this same user (a non-admin user) release or delete the session key?
Also - does anyone know the lifetime of the session key?

Thank you!

  • Chris
Tags (2)
1 Solution

gkanapathy
Splunk Employee
Splunk Employee

You can delete it with a DELETE http method call to the rest endpoint https://localhost:8089/services/authentication/httpauth-tokens/_authtokenname_

The duration of a session is set in server.conf [general] sessionTimeout.


update:

appears you could use curl:

curl -k -X DELETE -H "Authorization: Splunk 1a2b3c4d5e6f7g8h90" https://localhost:8089/services/authentication/httpauth-tokens/1a2b3c4d5e6f7g8h90

View solution in original post

newfdawg
Explorer

Thanks! It's 60 minutes on mine and that matches what I am seeing.

0 Karma

gkanapathy
Splunk Employee
Splunk Employee

You can delete it with a DELETE http method call to the rest endpoint https://localhost:8089/services/authentication/httpauth-tokens/_authtokenname_

The duration of a session is set in server.conf [general] sessionTimeout.


update:

appears you could use curl:

curl -k -X DELETE -H "Authorization: Splunk 1a2b3c4d5e6f7g8h90" https://localhost:8089/services/authentication/httpauth-tokens/1a2b3c4d5e6f7g8h90

newfdawg
Explorer

Thank you - that did it! (After I added the edit_httpauths capability to the user's role).

0 Karma

kristian_kolb
Ultra Champion

I suspect it's the same session length as for web GUI logins (Manager -> System Settings -> General Settings)
The actual setting is in server.conf.

As for deleting the session key, well, that's beyond me.

0 Karma
Get Updates on the Splunk Community!

SOCin’ it to you at Splunk University

Splunk University is expanding its instructor-led learning portfolio with dedicated Security tracks at .conf25 ...

Credit Card Data Protection & PCI Compliance with Splunk Edge Processor

Organizations handling credit card transactions know that PCI DSS compliance is both critical and complex. The ...

Stay Connected: Your Guide to July Tech Talks, Office Hours, and Webinars!

What are Community Office Hours?Community Office Hours is an interactive 60-minute Zoom series where ...