/build/static/layout/Breadcrumb_cap_w.png
11/11/2018 263 views

Does anyone know if an active support license is needed for interaction with the KACE API?

After hours of working with it I finally managed to grab the much-needed csrf token using the code below.

I'm able to authenticate using a user and get the csrf token back, though I have to retrieve the csrf token via returned web session cookies and don't see it in the header or body response of the first API POST authentication call.

However, when making any subsequent requests with the modified headers that include the csrf token, I get "Unauthorized" or "Forbidden" errors for each call.

Any input would be welcome! API inventory has been enabled in System Security preferences.

$Url = "https://k1000/ams/shared/api/security/login"

$headers = @{

Accept = 'application/json'
'Content-Type' = 'application/json'
'x-dell-api-version'= '8'

}


#DECLARE TLS 1.2 as apparently CP API past Server version 5.3.1 (on 6.7 at time of writing)
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12


$Body = @{
userName = 'username'
password = ''
organizationName = 'Workstations'
} | convertto-json

$response=Invoke-RestMethod $Url -Method Post -Headers $headers -Body $Body -ContentType 'application/json' -SessionVariable websession

$cookies = $websession.Cookies.GetCookies($url)

#get cookie
$csrf_token=$($($cookies | Select-String "KACE_CSRF_TOKEN").ToString()).Split("=")[1]

$headers2 = @{

Accept = 'application/json'
'Content-Type' = 'application/json'
organizationName = 'Workstations'
'x-dell-api-version'= '8'
'x-dell-csrf-token'= $csrf_token

}

$url2='https://k1000/api/asset/assets'

Invoke-RestMethod $url2 -Method Get -Headers $headers2 -ContentType 'application/json'


Answer Summary:
0 Comments   [ + ] Show comments

Comments


Answer Chosen by the Author

0

You are missing "-WebSession $websession" parameter in the 2nd Invoke-RestMethod call. That will carry the web-session between the 2 REST Calls.

Answered 11/12/2018 by: AbhayR
Red Belt

All Answers

0

I have a powershell module for interacting with the API, which will simplify most of this.


https://github.com/artvandelay440/KaceSMA

Answered 01/11/2019 by: isudothings
Orange Belt