With AWX 23.5.2, I can authenticate and access the API using a browser without any issue.
However, trying to automate it with the CLI in a different matter…
Getting an OAuth 2 token:
curl -u awx_user:password -k -X POST https://awx_host/api/v2/tokens/
{
"id": 22,
"type": "o_auth2_access_token",
"url": "/api/v2/tokens/22/",
"related": {
"user": "/api/v2/users/1/",
"activity_stream": "/api/v2/tokens/22/activity_stream/"
},
"summary_fields": {
"user": {
"id": 1,
"username": "awx_user",
"first_name": "",
"last_name": ""
}
},
"created": "2024-02-06T16:03:56.006883Z",
"modified": "2024-02-06T16:03:56.018615Z",
"description": "",
"user": 1,
"token": "TlTzso87sycucOXpmsA3tTVlsNwtGj",
"refresh_token": null,
"application": null,
"expires": "3023-06-09T16:03:55.994224Z",
"scope": "write"
}
As described in the official doc, I tried to use this token to access any object, but this fails:
curl -k -X GET -H “Content-Type: application/json” -H “Authorization: Bearer TlTzso87sycucOXpmsA3tTVlsNwtGj” https://awx_host/api/v2/credentials/
<html>
<head><title>404 Not Found</title></head>
<body>
<center><h1>404 Not Found</h1></center>
<hr><center>nginx</center>
</body>
</html>
<html>
<head><title>403 Forbidden</title></head>
<body>
<center><h1>403 Forbidden</h1></center>
<hr><center>nginx</center>
</body>
</html>
<html>
<head><title>403 Forbidden</title></head>
<body>
<center><h1>403 Forbidden</h1></center>
<hr><center>nginx</center>
</body>
</html>
{"detail":"Authentication credentials were not provided. To establish a login session, visit /api/login/."}++ set +x
What is going on?
What is the correct way to use this token?