Hi
I am writing a small app in Go to log in to AWX and launch a job template.
I was trying to use /api/v2/authtoken but I have seen from github that this seems to be removed.
I get “detail”: “The requested resource could not be found.” on the api
What is the correct way now to authenticate via api?
Thanks
Hi Katie,
The AuthToken has been removed in favor of the new OAuth2 feature. It sounds like you will want to make an application for your Go app, then create a token for that app in AWX. You can then use this token to access different AWX resources as you would have with the AuthToken. An example curl, in your case would look something like this:
curl -k -H “Authorization: Bearer ApCNuexGwyZ5mIEiQvnSMIDbDLFDGx” -H “Content-Type: application/json” -X POST \
-d ‘{}’ \
https://localhost:8043/api/v2/job_templates/5/launch/ | python -m json.tool
Note: You will need to set your token scope to ‘write’ in order to run jobs. Also, you can drop the | python -m json.tool at the end, that is just to format it nicely.
Related ML Post
More info on OAuth2 Usage
Thanks,
Christian
Thanks for your reply Christian.
I have tried to create the application using :
applicationUrl := “http:///api/v2/applications/”
applicationApiValues := map[string]string{“name”: “test”, “user”: “4”, “client_type”: “confidential”, “redirect_uris”: “http:///api/o/authorize”,
“authorization_grant_type”: “authorization-code”, “skip_authentication”: “false”}
but I get :
{“detail”:“Authentication credentials were not provided.”}
401 Unauthorized
How do you authenticate first? I tried to post to http:///api/login but I do not know what the csrf token should be.
What is the correct way to authenticate programmatically first before I create the application?
You must be authenticated to AWX to create an application. Presumably, at this point you don’t have a token, so you will have to use basic authentication. For a curl, this would look something like:
curl -ku user:password -H “Content-Type: application/json” -d ‘{“name”: “Go Application”, “client_type”: “confidential”, “redirect_uris”: “http://localhost:8013/api/”, “authorization_grant_type”: “authorization-code”, “organization”: 1}’ -X POST http://localhost:8013/api/v2/applications/
The -u user:password is what is missing from yours currently. The Authorization code grant is intended to have a human component, a logged in AWX user with proper permissions has to click “Authorize” for each token created using this flow. If you are creating the application and tokens completely programmatically, you will want to use the “password” grant type. Below is an example curl for creating the application.
curl -ku user:password -H “Content-Type: application/json” -d ‘{“name”: “Go Application”, “client_type”: “confidential”, “authorization_grant_type”: “password”, “organization”: 1}’ -X POST http://localhost:8013/api/v2/applications/
This can also be done with an OAuth2 token instead of Basic Auth, after you have issued one.
Thanks,
Christian