NLnetLabs / krill

RPKI Certificate Authority and Publication Server written in Rust
https://nlnetlabs.nl/projects/routing/krill/
Mozilla Public License 2.0

Can you directly log in and get data through api calls outside #1113

Closed hahaEcho closed 9 months ago

hahaEcho commented 11 months ago

Can I use an external process to send an HTTPS request to log in to Krill and access the API to get the data?

ximon18 commented 11 months ago

Hi @hahaEcho,

When using the default secret token based login, yes, you can authenticate with the API using the secret as the bearer token, e.g. at https://krill.docs.nlnetlabs.nl/en/stable/cli.html#krillc-health one can see:

```
$ krillc health --api
GET:
  https://localhost:3000/api/v1/authorized
Headers:
  Authorization: Bearer secret
```

However, authenticating as a named user is more difficult, and not something we support, as you would not know the correct value of the bearer token to send with the request to authenticate. Quoting the Krill developer documentation:

> NOTE: Login with distinct identities is only supported via Lagosta. The /auth/ HTTP endpoints involved are not documented as part of the Krill REST API. Technically a client could POST to them to login and get back a bearer token which could then be used with the REST API, either directly or via krillc, but it would be cumbersome to do. Proper support for clients with limited interaction capabilities to authenticate with distinct identities should probably be implemented in terms of the OAuth 2.0 Device Authorization Grant.

FYI "Lagosta" was previously the name for the Krill web UI.

Ximon
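An added example, not part of the thread and not Krill project code: an external Python process making the `GET /api/v1/authorized` call shown in the `krillc health --api` output above, with the secret sent as the bearer token. The function names, the `KRILL_URL`, `KRILL_TOKEN` and `KRILL_CA_FILE` environment variables, and the treatment of 2xx as accepted and 401/403 as rejected are assumptions of this example.

```python
import os
import ssl
import urllib.error
import urllib.parse
import urllib.request

AUTH_PATH = "/api/v1/authorized"  # endpoint shown in the krillc output above


def build_request(base_url, token, allow_plain_http=False):
    """Build the GET request; refuse to put the token on a cleartext link."""
    scheme = urllib.parse.urlsplit(base_url).scheme
    if scheme != "https" and not (allow_plain_http and scheme == "http"):
        raise ValueError("bearer token must only be sent over https")
    if not token or any(c in token for c in "\r\n"):
        raise ValueError("token is empty or contains line breaks")
    return urllib.request.Request(
        base_url.rstrip("/") + AUTH_PATH,
        headers={"Authorization": f"Bearer {token}"},
        method="GET",
    )


def is_authorized(base_url, token, ca_file=None, allow_plain_http=False):
    """Return True if the server accepts the token, False on 401/403."""
    # Certificate verification stays on. For a self-signed server
    # certificate, pass it as ca_file instead of disabling checks.
    ctx = ssl.create_default_context(cafile=ca_file)
    req = build_request(base_url, token, allow_plain_http)
    try:
        with urllib.request.urlopen(req, timeout=10, context=ctx) as resp:
            return 200 <= resp.status < 300  # assumed: 2xx means accepted
    except urllib.error.HTTPError as err:
        if err.code in (401, 403):  # assumed rejection codes
            return False
        raise


if __name__ == "__main__":
    # Assumed setup: token and optional CA file come from the environment,
    # so the secret never appears in the script or the process arguments.
    ok = is_authorized(
        os.environ.get("KRILL_URL", "https://localhost:3000"),
        os.environ["KRILL_TOKEN"],
        ca_file=os.environ.get("KRILL_CA_FILE"),
    )
    print("token accepted" if ok else "token rejected")
```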

timbru commented 9 months ago

Closing, feel free to re-open.