Way to access authtoken via API?

1,487 views
Skip to first unread message

Jonathan Dunn

unread,
Aug 21, 2012, 10:45:01 AM8/21/12
to rundeck...@googlegroups.com
I have a job that calls a script that uses the API to delete job definitions from a RunDeck project.  In order for the script to work, the curl command requires an authtoken.  The authtoken was generated by logging into RunDeck as the admin user and generating one.

Somehow, the authtoken that was generated for the admin user disappeared.  I think it was because we stopped and restarted the RunDeck instance, but I'm not sure. 

Because I have no way via the API to query the authtoken, my script had the authtoken hard coded into the curl command, which now does not work. 

I can generate a new authtoken, but this requires the script to be updated (which requires a source file to be updated, a build to be run and deployed, and a file updated in source control).  This is an inefficient and unstable way to maintain my working RunDeck environment.

If I were able to query the authtoken(s) available from the admin user, I could add that logic to my script and not have to hard code in the authtoken string to my curl command.

Is this possible?

Charles Scott

unread,
Aug 21, 2012, 10:59:57 AM8/21/12
to rundeck...@googlegroups.com
I am reviewing recent contribution to the rundeck client api, which a pull request features.  This method may be what you need, however,may depend on Rundeck API v5.



    /**
     * Generate a new token and get the result page (which is the html page of the user's profile)
     * 
     * @param username - mandatory
     * @return an {@link InputStream} instance, not linked to any network resources - won't be null
     * @throws RundeckApiException in case of error when calling the API (non-existent name or project with this name)
     * @throws RundeckApiLoginException if the login fails (in case of login-based authentication)
     * @throws RundeckApiTokenException if the token is invalid (in case of token-based authentication)
     * @throws IllegalArgumentException if the name or project is blank (null, empty or whitespace)
     */
    public InputStream generateToken(String username) throws RundeckApiException, RundeckApiLoginException,
            RundeckApiTokenException, IllegalArgumentException {
        AssertUtil.notBlank(username, "the username is mandatory to generate the token");
        return new ApiCall(this).getNonApi(new ApiPathBuilder("/user/generateApiToken?login=", username));
    }

I can defer to Greg to see if this method is part of v5 and if so, will be part of an upcoming Rundeck 1.4.4 release.

Chuck

Greg Schueler

unread,
Aug 21, 2012, 1:14:40 PM8/21/12
to rundeck...@googlegroups.com
Hi,

There has been interest in adding a new API endpoint for creating/retrieving auth tokens, but it hasn't been implemented.  We don't have a release date finalized for 1.4.4, so I'm not sure if it will be in API v5 yet.

Charles Scott

unread,
Nov 13, 2012, 11:32:36 PM11/13/12
to rundeck...@googlegroups.com
Since 1.4.4 has been released, is there documentation for this?    

I have looked here:  http://rundeck.org/docs/api/index.html#token-authentication, however it just says:

 you must first log in to the Rundeck GUI using a user account that has "admin" credentials.

Greg Schueler

unread,
Nov 14, 2012, 12:42:06 PM11/14/12
to rundeck...@googlegroups.com
Hi Chuck,

this feature was not added in 1.4.4
Reply all
Reply to author
Forward
0 new messages