All Apps and Add-ons

REST API Modular Input: How to parse login API response and fetch the security token to supply as input to remaining REST API?

shreyans
Path Finder

Hi,

I am using Rest Modular Input App to fetch data and plug the data to splunk, which is working fine
but my issue is....

First REST API (which is for Login to the server) returns a security token which i have to parse the response for, fetch the security token and plug that security token to new a REST API call (that means i have to change inputs.conf file stanza)

My Question is, Is there any way to parse login API response, fetch security token from response and supply the same token to remaining REST API?

This security token will expire every hour, so I need to call login API every hour, get a new security token, and build a new API using the new security token embedded in REST API header.

Best Regards
- Shreyans Soni

1 Solution

Damien_Dallimor
Ultra Champion

You'll need to create a custom authentication handler. The REST Mod Input ships with some samples.

You add the the custom auth handler to rest_ta/bin/authhandlers.py and declare it's class name in the REST Input setup when you select the "custom" option for authentication type. You can also declare params to be passed to the custom auth handler ie: user/pass/a custom auth URL etc... , whatever params your custom auth logic requires.

You security token will be automatically persisted back to inputs.conf for you if you set it into the url args or HTTP headers.

So your custom auth handler logic could :

1) check if a security token exists in the request object and is valid (not expired)
2) if not , issue a login request , get a new token and add it to the request object
3) token will get saved for you by the REST Mod Input
4) proceed with your REST requests.

View solution in original post

Damien_Dallimor
Ultra Champion

You'll need to create a custom authentication handler. The REST Mod Input ships with some samples.

You add the the custom auth handler to rest_ta/bin/authhandlers.py and declare it's class name in the REST Input setup when you select the "custom" option for authentication type. You can also declare params to be passed to the custom auth handler ie: user/pass/a custom auth URL etc... , whatever params your custom auth logic requires.

You security token will be automatically persisted back to inputs.conf for you if you set it into the url args or HTTP headers.

So your custom auth handler logic could :

1) check if a security token exists in the request object and is valid (not expired)
2) if not , issue a login request , get a new token and add it to the request object
3) token will get saved for you by the REST Mod Input
4) proceed with your REST requests.

shreyans
Path Finder

Thanks this worked like a charm

0 Karma

Damien_Dallimor
Ultra Champion

Great , always nice to know that the theory works 🙂

0 Karma
Get Updates on the Splunk Community!

How to Monitor Google Kubernetes Engine (GKE)

We’ve looked at how to integrate Kubernetes environments with Splunk Observability Cloud, but what about ...

Index This | How can you make 45 using only 4?

October 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with this ...

Splunk Education Goes to Washington | Splunk GovSummit 2024

If you’re in the Washington, D.C. area, this is your opportunity to take your career and Splunk skills to the ...