Log Insight 3.3 introduced an authentication API. In this post I would like to discuss what it, why do you need it, and how do you use it. Read on to learn more!
What is it?
Enables remote client to programmatically authenticate with the Log Insight platform to perform certain operations.
Why do you need it?
To leverage any API features that require authentication, which includes:
- Query API
- Log Insight Importer
I will be covering these new features in a future posts.
How do you use it?
You make a POST request to https://LOGINSIGHT/api/v1/sessions (note http will not work). The request must have a header with the content-type set to application/json. In addition, three options need to be passed in the body:
- provider: <Local|ActiveDirectory> (note case-sensitive)
- username
- password
An example of calling the API would be:
curl -sk
-X POST
-H 'Content-Type: application/json'
-d '{"provider":"Local","username":"admin","password":"changeme1!"}'
https://loginsight.example.com/api/v1/sessions
And the response would look something similar to:
{
"userId": "00000000-0000-0000-0000-000000000002"
"sessionId":"bIYX6zlPjzbRDAB6tQkfAqbKhGgrCqfyG/u+5GPeTYAzZIfczTkbPu8WgBsR5e/VRuV8VnhS/TFZnevBALkyA+bPelj8TtLfzq5UmPDJKneqjnSn133IMRyVFIRQeeSeWCEPEsY2EOYrIedbWbTKniKDs7IIiFgDxxuoEh8yOuC5DJqgvrxsC009p67kht9kduj+u6ATAig/sM9ndV0Fq4TEHHi8pyW+O7K+7OJv/1o3CyzmuSbG7VPS0eGIERvu94fPeHBnZGMZTj0dkOIFOg==",
"ttl": 1800,
}
You could then use the sessionId for authenticated requests — more on this in future posts.
