/build/static/layout/Breadcrumb_cap_w.png

KACE API Authentication

We are currently using KACE v13 and are in the process of authenticating the API based on the provided documentation and the discussions on this forum. 


I've successfully utilized the /api/security/login endpoint, obtaining headers such as Set-Cookie and x-kace-authorization. When using Postman, the cookies are automatically set, enabling me to receive data through successful GET requests.


However, when I attempt to employ these headers by setting them as 'cookie: the Set-Cookie value' and 'x-kace-csrf-token: the x-kace-authorization value', in addition to 'x-kace-api-version', content-type, and accept headers in my script, I encounter an error message stating, "Authentication credentials were not provided."


Is there another type of header that we should be using for authentication?

Thank you in advance 


0 Comments   [ + ] Show comments

Answers (1)

Posted by: Unsullied 5 months ago
Senior White Belt
0

Hi KD345,

Here's an example of a my HTTP request while using Microsoft Power Automate flows. You may refer to the cookie & headers. 
Do sanitise the 'Set-Cookie' response & maintain the JWT token for every subsequent request.

{
   "uri":"https://kacetest.com/api/inventory/machines?filtering=machine.name eq xxxx",
   "method":"GET",
   "cookie":"kboxid=abc123xxx;x-kace-auth-jwt=abc.123.xyz; expires=Sun, 29-Sep-2024 03:51:40 GMT; Max-Age=31622400;KACE_LAST_ORG_SECURE=xxxx; expires=Sun, 29-Sep-2024 03:51:40 GMT; Max-Age=31622400;",
   "headers":{
      "Accept":"application/json",
      "Content-Type":"application/json",
      "x-kace-api-version":"13",
      "x-kace-authorization":"Bearer abc.123.xyz"
   }
}


Hope this helps. Cheers

 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ