All Apps and Add-ons

How do I do simple token based authentication with the REST modular TA?

centrafraserk
Path Finder

This seems like it should be really simple but I am having trouble wrapping my head around the different types of authentication available in the REST modular TA. Basically I am working with a NetBox instance and I am trying to pull in json data via the REST API. I am able to get data directly from the server by running this simple curl command:

curl -X GET --header 'Accept: application/json' --header 'Authorization: Token redactedtoken' 'https://netbox.mydomain.com/api/circuits/circuits/' --insecure

This returns the expected data running it directly on the OS. I do not think this is standard oath1 or oath2, but maybe on of those options can still work for this use case? I tried oath2 by setting the Token Type to "Token" and then entering my token value in the token field, but I receive an error stating that Token is not a valid type of Token. I have also tried putting "Authorization: Token redactedtoken" in the custom header field, and it does not parse that correctly as a header either and throws errors.

I can access parts of the API that do not require credentials, so I know that splunk can make the connection. I feel like I am missing something extremely simple, any thoughts would be appreciated. Even finding a way to log what curl command the rest.py script is trying to use would go a long way in figuring out what fields my information needs to go in.

0 Karma
1 Solution

Damien_Dallimor
Ultra Champion

Without seeing your actual config or any logs , this answer is merely a guess.

In the custom header field , the key : value is "=" delimited (mentioned in the annotation and example directly under the text entry field on the setup screen).

So :

Authorization=Token redactedtoken

View solution in original post

0 Karma

Damien_Dallimor
Ultra Champion

Without seeing your actual config or any logs , this answer is merely a guess.

In the custom header field , the key : value is "=" delimited (mentioned in the annotation and example directly under the text entry field on the setup screen).

So :

Authorization=Token redactedtoken
0 Karma

centrafraserk
Path Finder

Thank you this is correct, but now i don't see the json input anymore. I think the netbox server has limits, i will challenge them. Thank you so much! I appreciate your help!

0 Karma
Get Updates on the Splunk Community!

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...

What's new in Splunk Cloud Platform 9.1.2312?

Hi Splunky people! We are excited to share the newest updates in Splunk Cloud Platform 9.1.2312! Analysts can ...

What’s New in Splunk Security Essentials 3.8.0?

Splunk Security Essentials (SSE) is an app that can amplify the power of your existing Splunk Cloud Platform, ...