I'm using Splunk Enterprise Version: 8.2.7. I'm trying to get a session key and then run a search through the REST API. Requesting the login through curl works:

C:\Users\A0493110>curl -k https://lflvsplunksh01:8089/services/auth/login --data-urlencode username=a0493110 --data-urlencode password=mypassword
<response>
<sessionKey>7AH24BVGEB^64CzSgJrZWyI4kMAASmOMC395npKhZEwxG0g3Leh6Kpm5uxRTLWoSz07gTgbPqqlcHCJAomHMIRniHO1FgY2kimJBYYirzq1WJZQm</sessionKey>
<messages>
<msg code=""></msg>
</messages>
</response>

But requesting the login using Insomnia (a REST API endpoint tester), the login fails. I am sending the login credentials in JSON as described in the Splunk tutorial.

<?xml version="1.0" encoding="UTF-8"?>
<response>
<messages>
<msg type="WARN">Login failed</msg>
</messages>
</response>

* Preparing request to https://lflvsplunksh01:8089/services/auth/login
* Current time is 2023-08-08T22:23:10.266Z
* Enable automatic URL encoding
* Using default HTTP version
* Disable SSL validation
* Uses proxy env variable no_proxy == 'localhost,127.0.0.1,.micron.com,addmmsi'
* Too old connection (18958 seconds), disconnect it
* Connection 7 seems to be dead!
* Closing connection 7
* TLSv1.2 (OUT), TLS header, Unknown (21):
* TLSv1.2 (OUT), TLS alert, decode error (562):
* Hostname in DNS cache was stale, zapped
* Trying 10.192.88.222:8089...
* Connected to lflvsplunksh01 (10.192.88.222) port 8089 (#8)
* ALPN, offering h2
* ALPN, offering http/1.1
* TLSv1.0 (OUT), TLS header, Certificate Status (22):
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS header, Certificate Status (22):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS header, Certificate Status (22):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS header, Certificate Status (22):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS header, Certificate Status (22):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS header, Certificate Status (22):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS header, Finished (20):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS header, Certificate Status (22):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS header, Finished (20):
* TLSv1.2 (IN), TLS header, Certificate Status (22):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* ALPN, server did not agree to a protocol
* Server certificate:
* subject: CN=SplunkServerDefaultCert; O=SplunkUser
* start date: Apr 19 22:58:51 2023 GMT
* expire date: Apr 18 22:58:51 2026 GMT
* issuer: C=US; ST=CA; L=San Francisco; O=Splunk; CN=SplunkCommonCA; emailAddress=support@splunk.com
* SSL certificate verify result: self-signed certificate in certificate chain (19), continuing anyway.
* TLSv1.2 (OUT), TLS header, Supplemental data (23):

> POST /services/auth/login HTTP/1.1
> Host: lflvsplunksh01:8089
> User-Agent: insomnia/2023.4.0
> Content-Type: application/json
> Accept: */*
> Content-Length: 52

| {
| "username": "a0493110",
| "password": "mypassword"
| }

* TLSv1.2 (IN), TLS header, Supplemental data (23):
* Mark bundle as not supporting multiuse

< HTTP/1.1 400 Bad Request
< Date: Tue, 08 Aug 2023 22:23:10 GMT
< Expires: Thu, 26 Oct 1978 00:00:00 GMT
< Cache-Control: no-store, no-cache, must-revalidate, max-age=0
< Content-Type: text/xml; charset=UTF-8
< X-Content-Type-Options: nosniff
< Content-Length: 129
< Connection: Keep-Alive
< X-Frame-Options: SAMEORIGIN
< Server: Splunkd

* TLSv1.2 (IN), TLS header, Supplemental data (23):
* Received 129 B chunk
* Connection #8 to host lflvsplunksh01 left intact

Any help would be greatly appreciated. I want to get it working first in Insomnia, then in a .NET client I am writing.
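
Added example, not part of the original post: the curl command above sends username and password as a form-encoded body (--data-urlencode), while the Insomnia trace shows Content-Type: application/json. This Python sketch builds the form-encoded login request, reads sessionKey or the failure message from the XML reply, and forms the Authorization: Splunk <sessionKey> header for the follow-up search. The function names, the context parameter and any sample values are constructed for illustration.

```python
import urllib.error
import urllib.parse
import urllib.request
import xml.etree.ElementTree as ET

LOGIN_PATH = "/services/auth/login"


def build_login_request(base_url, username, password):
    """POST the credentials as a form body, as curl --data-urlencode does."""
    body = urllib.parse.urlencode({"username": username, "password": password})
    return urllib.request.Request(
        base_url.rstrip("/") + LOGIN_PATH,
        data=body.encode("ascii"),
        method="POST",
        headers={"Content-Type": "application/x-www-form-urlencoded"},
    )


def parse_login_response(xml_body):
    """Return the session key, or raise with the <msg> text splunkd sent."""
    if isinstance(xml_body, str):
        xml_body = xml_body.encode("utf-8")
    root = ET.fromstring(xml_body)
    key = (root.findtext("sessionKey") or "").strip()
    if key:
        return key
    msgs = [f"{m.get('type', 'MSG')}: {m.text.strip()}"
            for m in root.iter("msg") if m.text and m.text.strip()]
    raise PermissionError("; ".join(msgs) or "no sessionKey in response")


def auth_header(session_key):
    """Header for later REST calls made with the session key."""
    return {"Authorization": f"Splunk {session_key}"}


def login(base_url, username, password, context=None):
    """Log in; context is an ssl.SSLContext that trusts the server's CA."""
    req = build_login_request(base_url, username, password)
    try:
        with urllib.request.urlopen(req, timeout=10, context=context) as resp:
            return parse_login_response(resp.read())
    except urllib.error.HTTPError as err:
        # A 400 still carries an XML body with the reason, e.g. "Login failed".
        return parse_login_response(err.read())
```

Passing an SSLContext loaded with the Splunk CA certificate as context lets the client verify the server instead of disabling validation as the curl -k call and the Insomnia setting do.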