- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello,
Does anyone know how to delete an authorization token for no more exisiting account in Splunk?
We have tried it in Web, but Splunk "Could not get info for non-existent user"
We have tried it on servers, too:
For curl -k -u <username>:<password> -X DELETE https://<server>:<management_port>/services/authorization/tokens/<token_user> -d id=<token_id>
we get:
<?xml version="1.0" encoding="UTF-8"?>
<response>
<messages>
<msg type="ERROR">Could not find object id=xxxxx</msg>
</messages>
</response>
Is there any dir or file where authentication tokens are saved on Search Heads?
We need to get rid of internal errors that we receive for this non-existent user, but without token removal it will not be possible
Many thanks in advance for help!
Greetings,
Justyna
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi
GUI didn't remove it? As I understand that pop up it still give you a possibility to remove token, even it cannot found user?
One option what you could try is just create a local Splunk user (exact same user id as earlier), then remove token and then remove user?
r. Ismo
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi
GUI didn't remove it? As I understand that pop up it still give you a possibility to remove token, even it cannot found user?
One option what you could try is just create a local Splunk user (exact same user id as earlier), then remove token and then remove user?
r. Ismo
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @isoutamo,
It worked, thank you for your prompt reply!
Much appreciated
BR,
Justyna