Why do I receive REST API "login failed" message?

nsshey · ‎10-25-2016

I ran the following command:

curl -k https://hosthere:8089/services/auth/login -d username=admin -d password=password

and got a weird error, so I tried it in my browser:

https://hosthere:8089/services/auth/login

and got this error:

<response>
<messages>
<msg type="WARN">Login failed</msg>
</messages>
</response>

I don't understand why I am getting this if I didn't even see the pop-up that asks me for login information. Sometimes my browser allows me to enter my login info, and then API works, and sometimes it doesn't. I checked and my pop-ups are enabled for this site.

Any suggestions?

nnmiller · ‎08-22-2017

Reviewing the REST API Reference, it appears that the tutorial docs are incorrect.

Per auth/login REST API docs section, the correct command here is (yes, enter username/pass 2x):

curl -k -u admin:changeme  https://localhost:8089/services/auth/login -d username=admin -d password=changeme

Which returns an XML response with a session key:

<response>
    <sessionKey>192fd3e46a31246da7ea7f109e7f95fd</sessionKey>
</response>

MuS · ‎10-25-2016

Hi nsshey,

You should provide user login information with your curl command:

 curl -k -u admin:changeme https://hosthere:8089/services/auth/login ....

See the docs for more details http://docs.splunk.com/Documentation/Splunk/6.5.0/RESTTUT/RESTbasicexamples

Hope this helps ...

cheers, MuS

rjthibod · ‎10-25-2016

Go to the access controls menu as an Admin and make sure your role has the following capabilities.

rest_apps_view
rest_properties_get
rest_properties_set
rest_apps_management

Why do I receive REST API "login failed" message?

Index This | Forward, I’m heavy; backward, I’m not. What am I?

A Guide To Cloud Migration Success

Join Us for Splunk University and Get Your Bootcamp Game On!