Correct way to login via api

katie111

unread,

Apr 12, 2018, 6:54:50 AM4/12/18

to AWX Project

Hi

I am writing a small app in Go to log in to AWX and launch a job template.

I was trying to use /api/v2/authtoken but I have seen from github that this seems to be removed.

I get "detail": "The requested resource could not be found." on the api

What is the correct way now to authenticate via api?

Thanks

Christian Adams

unread,

Apr 12, 2018, 10:36:32 AM4/12/18

to katie111, AWX Project

Hi Katie,

The AuthToken has been removed in favor of the new OAuth2 feature. It sounds like you will want to make an application for your Go app, then create a token for that app in AWX. You can then use this token to access different AWX resources as you would have with the AuthToken. An example curl, in your case would look something like this:

curl -k -H "Authorization: Bearer ApCNuexGwyZ5mIEiQvnSMIDbDLFDGx" -H "Content-Type: application/json" -X POST \

-d '{}' \

https://localhost:8043/api/v2/job_templates/5/launch/ | python -m json.tool

Note: You will need to set your token scope to ‘write’ in order to run jobs. Also, you can drop the `| python -m json.tool` at the end, that is just to format it nicely.

katie111

unread,

Apr 15, 2018, 6:17:10 PM4/15/18

to AWX Project

Thanks for your reply Christian.

I have tried to create the application using :

applicationUrl := "http://<awx-ip>/api/v2/applications/"

applicationApiValues := map[string]string{"name": "test", "user": "4", "client_type": "confidential", "redirect_uris": "http://<awx-ip>/api/o/authorize",

"authorization_grant_type": "authorization-code", "skip_authentication": "false"}

but I get :

{"detail":"Authentication credentials were not provided."}

401 Unauthorized

How do you authenticate first? I tried to post to http://<awx-ip>/api/login but I do not know what the csrf token should be.

What is the correct way to authenticate programmatically first before I create the application?

Christian Adams

unread,

Apr 17, 2018, 3:08:45 PM4/17/18

to katie111, AWX Project

You must be authenticated to AWX to create an application. Presumably, at this point you don’t have a token, so you will have to use basic authentication. For a curl, this would look something like:

curl -ku user:password -H "Content-Type: application/json" -d '{"name": "Go Application", "client_type": "confidential", "redirect_uris": "http://localhost:8013/api/", "authorization_grant_type": "authorization-code", "organization": 1}' -X POST http://localhost:8013/api/v2/applications/

The -u user:password is what is missing from yours currently. The Authorization code grant is intended to have a human component, a logged in AWX user with proper permissions has to click “Authorize” for each token created using this flow. If you are creating the application and tokens completely programmatically, you will want to use the “password” grant type. Below is an example curl for creating the application.

curl -ku user:password -H "Content-Type: application/json" -d '{"name": "Go Application", "client_type": "confidential", "authorization_grant_type": "password", "organization": 1}' -X POST http://localhost:8013/api/v2/applications/

This can also be done with an OAuth2 token instead of Basic Auth, after you have issued one.

Thanks,

Christian

__________________________________________________

Christian M. Adams

Associate Software Engineer at Ansible - Red Hat

University of North Carolina at Chapel Hill, Class of 2014

cha...@redhat.com | (919) 218-5080 | GitHub: rooftopcellist

To view this discussion on the web visit https://groups.google.com/d/msgid/awx-project/a4d35b88-ae10-4e5c-b794-60d57429fde4%40googlegroups.com.

Reply all

Reply to author

Forward