Authentication endpoints
This documentation does not apply to the most recent version of Splunk. Click here for the latest version.
Contents
Authentication endpoints
The authentication endpoints are available from ../services/authentication/. Use these for getting an auth token.
Authentication
/services/authentication provides administrative control for the auth system
POST
Sends a control signal to the auth subsystem
Form Arguments
action
[ restart | setactiveprovider ]
target
The target of the action. Only required when action=setactiveprovider
Response Status
200
User successfully authenticated
400
Did not provide target argument (with setactiveprovider)
403
User doesn't have sufficient privileges to perform action
Response Body
Sample response to restart:
<response>
<messages>
<msg type="INFO">Auth system was restarted</msg>
</messages>
</response>
// sample response to setactiveprovider
<response>
<messages>
<msg type="INFO">Auth system changed to foo</msg>
</messages>
</response>
login
/services/authentication/login provides user authentication
POST
Returns a session key to be used when making REST calls to splunkd
Form Arguments
username
The Splunk account username
password
The corresponding password
Response Status
200
User successfully authenticated
400
username or password not provided
401
Login credentials failed
Response Body
Sample response to /services/authentication/login
<response>
<sessionKey>87ad615df536e3</sessionKey>
</response>
This documentation applies to the following versions of Splunk: 4.2 , 4.2.1 , 4.2.2 , 4.2.3 , 4.2.4 , 4.3 View the Article History for its revisions.
The authentication endpoint is /services/auth/login (not /services/authentication/login). At least in 4.2 this is the case.