Does the fleet api use basic auth? I keep getting "Authentication failed" when trying to hit the api:

$ curl -u "brandon.klise:XXXX" -X GET <https://fleet.quiq.sh/api/v1/kolide/hosts>
{
  "message": "Authentication Failed",
  "errors": [
    {
      "name": "base",
      "reason": "username or email and password do not match"
    }
  ]
}

No, each API request is expected to include a session token. Take a look at the requests the browser is sending in the UI.

@zwass ok so I see that the request uses a bearer token, but how can I get a bearer token through the api?

With the login endpoint. Have you taken a look at

fleetctl

? It's possible that whatever you are trying to achieve would be easier through scripting that.

Awesome, thanks! I've used fleetctl a lot, but it doesn't have functionality to get/delete hosts.

Check out

fleetctl get hosts

which was added recently (https://github.com/kolide/fleet/pull/1977)! Deleting you would still have to do through the API, but we could explore how to add this.

@zwass one more question - when making a DELETE call to

/api/v1/kolide/hosts/<host>

, what value is expected for

<host>

?

I believe it would be the numeric ID.

@zwass would you be able to assist me with using the login api and also an easy way to find the numeric ID to use the DELETE call after I login.