Feature #8852: add token-based authentication feature for API - Foreman

Custom queries

3.14.1 release DONE
3.14.1 release TODO
3.15.2 release DONE
3.15.2 release TODO
3.16.2 release DONE
3.16.2 release TODO
All bugs by votes
All issues closed in the last 3 weeks
Easy and Trivial Issues
Easy Issues (only)
Foreman - new open issues in last 10 days
Good first issues - Foreman core
high prio open bugs
Host registration [open]
Mine
My issues closed in the last 3 weeks
old bugs
Open with target version set (aka blockers)
registration
taken-none
Team Atlas untriaged bugs
templates
Trivial Issues
Untriaged and opened in the past two weeks

Actions

Copy link

Feature #8852

open

add token-based authentication feature for API

Added by Joseph Magen almost 11 years ago. Updated over 7 years ago.

Status:

New

Priority:

Normal

Assignee:

Category:

API

Target version:

Difficulty:

Triaged:

Bugzilla link:

Pull request:

https://github.com/theforeman/foreman/pull/2052

Fixed in Releases:

Found in Releases:

Red Hat JIRA:

Related issues 3 (0 open — 3 closed)

Related to Hammer CLI - Feature #8888: hammer auth should support token based authentication	Closed	Tomáš Strachota	Actions
Related to Foreman - Feature #1301: Consider adding a per-user API key	Closed	Timo Goebel	Actions
Related to Hammer CLI - Feature #8923: Ability to use Negotiate/Kerberos authentication to API and hammer	Closed	Ondřej Ezr	Actions

Issue # Delay: days Cancel

History
Notes
Property changes

Actions

Copy link

Updated by Dominic Cleal almost 11 years ago

Of what sort? We have OAuth support (#1576), session support and #1301 suggests per-user support too, which'd be good. Not to mention SSO type auth too...

It'd be nice not to add yet more types of authentication unless necessary, each one has introduced new security flaws.

Actions

Copy link

Updated by The Foreman Bot almost 11 years ago

Status changed from Assigned to Ready For Testing
Pull request https://github.com/theforeman/foreman/pull/2052 added
Pull request deleted ()

Actions

Copy link

Updated by Joseph Magen almost 11 years ago

The idea is the same as features #1301 and #8016. The background is authenticating once with user/pass to get a token (which by default lasts for 2 hours) to make future api/calls rather sending user/pass on every API call in the header.

Actions

Copy link

Updated by Tomáš Strachota almost 11 years ago

Related to Feature #8888: hammer auth should support token based authentication added

Actions

Copy link

Updated by Dominic Cleal almost 11 years ago

Related to Feature #1301: Consider adding a per-user API key added

Actions

Copy link

Updated by Jan Pazdziora almost 11 years ago

Dominic Cleal wrote:

We have OAuth support (#1576), session support ...

How is session support related to this bearer token support? Is it the same?

Actions

Copy link

Updated by Jan Pazdziora almost 11 years ago

Related to Feature #8923: Ability to use Negotiate/Kerberos authentication to API and hammer added

Actions

Copy link

Updated by Dominic Cleal almost 11 years ago

Jan Pazdziora wrote:

Dominic Cleal wrote:

We have OAuth support (#1576), session support ...

How is session support related to this bearer token support? Is it the same?

A user who has authed via the usual login page will have a Rails session and cookie, which works to auth against the API. Katello (an Angular app I believe) relies on this as the client-side JavaScript queries the API using the active session.

Actions

Copy link