I am unable to get access token of dynatrace via REST api. I have used the sample REST call provided in the dynatrace documentation but still cannot get the token, but I can log into the account on the portal using these credentials. I have signed up for a free trial account on dynatrace synthetic. Are there any permissions need to be given in order to use APIs.
GET https://datafeed-api.dynatrace.com/publicapi/rest/v1.0/login?
user=sampleuser&password=samplepw HTTP/1.1
Accept-Encoding: gzip,deflate
Accept: application/json
User-Agent: Jakarta Commons-HttpClient/3.1
Host: datafeed-api.dynatrace.com`enter code here`
I get "Invalid username or password"
This means either the account has expired or your username + password are incorrect.
Related
I'm running an eks cluster, installed k8s dashboard etc. All works fine, I can login in the UI in
http://localhost:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/#/login
Is there a way for me to pass the token via the url so I won't need a human to do this?
Thanks!
Based on official documentation it is impossible to put your authentication token in URL.
As of release 1.7 Dashboard supports user authentication based on:
Authorization: Bearer <token> header passed in every request to Dashboard. Supported from release 1.6. Has the highest priority. If present, login view will not be shown.
Bearer Token that can be used on Dashboard login view.
Username/password that can be used on Dashboard login view.
Kubeconfig file that can be used on Dashboard login view.
As you can see, only the first option bypasses the Dashboard login view. So, what is Bearer Authentication?
Bearer authentication (also called token authentication) is an HTTP authentication scheme that involves security tokens called bearer tokens. The name “Bearer authentication” can be understood as “give access to the bearer of this token.” The bearer token is a cryptic string, usually generated by the server in response to a login request. The client must send this token in the Authorization header when making requests to protected resources:
You can find more information about Baerer Authentication here.
The question now is how you can include the authentication header in your request. There are many ways to achieve this:
curl command - example:
curl -H "Authorization: Bearer <TOKEN_VALUE>" <https://address-your-dashboard>
Postman application - here is good answer to set up authorization header with screenshots.
reverse proxy - you can be achieve this i.e. by configuring reverse proxy in front of Dashboard. Proxy will be responsible for authentication with identity provider and will pass generated token in request header to Dashboard. Note that Kubernetes API server needs to be configured properly to accept these tokens. You can read more about it here. You should know, that this method is potentially insecure due to Man In The Middle Attack when you are using http.
You can also read very good answers to the question how to sign in kubernetes dashboard.
I am trying to access the new account API (Not the Admin) in keycloak 4.8.3 . I am trying to do :
GET "/auth/realms/{realm}/account/credentials/password" endpoint (Based on the AccountRestServiceTest.java)
with the account owner's token. Getting a 404 error.
I have started the sever with preview features
bin/standalone.bat -Dkeycloak.profile=preview
I have tried to add profile.properites file with profile=preview options
and the user has "manage-account","view-profile" account roles
What am i doing wrong here?
I'm facing the same problem and i found a solution.
You need to add the HTTP header Accept with the value application/json to your request.
Because AccountRestService is only accessible if headers Accept or Content-Type are application/json.
I am unable to POST to https://ci.server.com/api/v1/teams/main/pipelines/test/jobs/hello-world/builds despite using the Auth bearer token as a header.
There is no issue with GET commands, using POSTMAN to test - is there some other auth required for POST?
I am following this doc for reference.
I am able to get information for secure gateway, which is already created. But when I am trying to create a new secure gateway from the REST API, it is asking for authentication. I have tried to provide the authentication information two ways:
I have provided the oauth authorization header obtained from the cf oauth-token, but it gives me an unauthorized error.
I have given basic authentication (username and password of the Bluemix account) information, but it gives me an unauthorized error.
Note: I am using postman for this operation
Postman details:
url: https://sgmanager.au-syd.bluemix.net/v1/sgconfig?org_id=girishxxxxxxx#gmail.com&space_id=Equxxxxx
It is also saying "Invalid org_id", but the org_id is valid.
To create a gateway via the SG API, your request will need the query parameters ord_id and space_id (the guids, not the friendly names). The authorization header will be Basic <your_base64_encoded_username:password> or Bearer <bluemix_token>. For example:
curl "https://sgmanager.au-syd.bluemix.net/v1/sgconfig?org_id=myOrgGuid&space_id=mySpaceGuid" -H "Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ=" -d '{"desc":"My Gateway"}'
I am learning Google Cloud Storage, the JSON api, simple upload:
https://cloud.google.com/storage/docs/json_api/v1/how-tos/simple-upload
The example says to send a post looking like this:
POST https://www.googleapis.com/upload/storage/v1/b/myBucket/o?uploadType=media&name=myObject HTTP/1.1
Content-Type: image/jpeg
Content-Length: [NUMBER_OF_BYTES_IN_FILE]
Authorization: Bearer [YOUR_AUTH_TOKEN]
[JPEG_DATA]
And then I created a "Service accounts" API.
But how do I figure out the [YOUR_AUTH_TOKEN] to use from my newly created Service account?
Google Cloud uses OAuth 2.0 to handle authentication. There are a variety of techniques for generating a token depending on your needs. If you're writing a program using one of Google's client libraries, the details are mostly taken care of for you. Google has a lengthy guide on the nitty-gritty: https://developers.google.com/identity/protocols/OAuth2
You are looking to authenticate as a service account. Service accounts generally authenticate by creating a token request document called a JWT, signing it with a private key associated with the service account, then exchanging the JWT with Google for a token. This process is described over here: https://developers.google.com/identity/protocols/OAuth2#serviceaccount
From your desktop, if you want to auth as a service account, one easy way is to use gcloud to authenticate as a service account and then ask it for a token:
$> gcloud auth activate-service-account myaccount#gserviceaccounts.com --key-file=creds.json
$> gcloud auth print-access-token