Does the fleet api use basic auth I keep getting Authenticat osquery #kolide

Does the fleet api use basic auth? I keep getting ...

b

brandon

02/12/2019, 5:11 PM

Does the fleet api use basic auth? I keep getting "Authentication failed" when trying to hit the api:

Copy code

$ curl -u "brandon.klise:XXXX" -X GET <https://fleet.quiq.sh/api/v1/kolide/hosts>
{
  "message": "Authentication Failed",
  "errors": [
    {
      "name": "base",
      "reason": "username or email and password do not match"
    }
  ]
}

z

zwass

02/12/2019, 5:19 PM

No, each API request is expected to include a session token. Take a look at the requests the browser is sending in the UI.

b

brandon

02/12/2019, 5:27 PM

@zwass ok so I see that the request uses a bearer token, but how can I get a bearer token through the api?

z

zwass

02/12/2019, 5:27 PM

With the login endpoint. Have you taken a look at

fleetctl

? It's possible that whatever you are trying to achieve would be easier through scripting that.

b

brandon

02/12/2019, 5:29 PM

Awesome, thanks! I've used fleetctl a lot, but it doesn't have functionality to get/delete hosts.

z

zwass

02/12/2019, 5:34 PM

Check out

fleetctl get hosts

which was added recently (https://github.com/kolide/fleet/pull/1977)! Deleting you would still have to do through the API, but we could explore how to add this.

b

brandon

02/12/2019, 5:47 PM

@zwass one more question - when making a DELETE call to

/api/v1/kolide/hosts/<host>

, what value is expected for

<host>

?

z

zwass

02/12/2019, 5:47 PM

I believe it would be the numeric ID.

👍 1

t

Tim

04/29/2019, 10:05 PM

@zwass would you be able to assist me with using the login api and also an easy way to find the numeric ID to use the DELETE call after I login.

3 Views