Security

servicesNS/admin/search/login 404 - not found

Path Finder

I'm looking to start using the Web API but I'm running in to a problem. When I try and hit the login endpoint for authentication I get the following:

curl -k https://localhost:8089/servicesNS/admin/search/login/ -d"username=admin&password=changeme"

404 - not found

I'm running Splunk 4.3.1 and we do have LDAP authentication turned on, if that makes a difference. If I browse to the above location I don't see the login endpoint that way either. So, what am I doing wrong?

Tags (4)
0 Karma
1 Solution

Splunk Employee
Splunk Employee

I am not sure where you got that URL endpoint, but Splunk's authentication endpoint is at https://localhost:8089/services/auth/login. You can also get an auth token at https://localhost:8089/servicesNS///auth/login. Additionally, you can pass in the user id and password via basic auth to any other endpoint and authenticate on each individual call.

http://docs.splunk.com/Documentation/Splunk/latest/RESTAPI/RESTlist

View solution in original post

Splunk Employee
Splunk Employee

I am not sure where you got that URL endpoint, but Splunk's authentication endpoint is at https://localhost:8089/services/auth/login. You can also get an auth token at https://localhost:8089/servicesNS///auth/login. Additionally, you can pass in the user id and password via basic auth to any other endpoint and authenticate on each individual call.

http://docs.splunk.com/Documentation/Splunk/latest/RESTAPI/RESTlist

View solution in original post

Splunk Employee
Splunk Employee

looks to me like you just copied the url wrong from that docs page.

0 Karma

Path Finder

I got the URL I was using from the developer docs

http://dev.splunk.com/view/basic-tutorial/SP-CAAADQT

I'm not actually trying to connect to localhost or with admin/changeme I pulled out the full URL and username/password for the sake of security and brevity.

I've switched to using the services/auth/login url and it is now working.

Thanks!

0 Karma

Splunk Employee
Splunk Employee

it is possible to connect from localhost or 127.0.0.1 without changing the default admin password. if you want to connect from other networks, then you need to change the password. it's possible to change this behavior in server.conf with the allowRemoteLogin setting, but it's easier and better to just change the password.

Ultra Champion

Is it even possible to log on with admin/changeme? I seem to remember that it was disabled?

/kristian

0 Karma