This documentation does not apply to the most recent version of Splunk.
This documentation applies to the following versions of Splunk: 3.3 , 3.3.1 , 3.3.2 , 3.3.3 , 3.3.4 , 3.4 , 3.4.1 , 3.4.2 , 3.4.3 , 3.4.5 , 3.4.6 , 3.4.8 , 3.4.9 , 3.4.10 , 3.4.11 , 3.4.12 , 3.4.13
Use the authentication endpoint at /services/auth/ to authenticate any of your HTTP requests. Currently, the only endpoint available through auth is login.
Provides a login interface for user authentication.
Returns a session key to use when making REST calls to splunkd.
| Form | Arguments |
| username | The Splunk account username. |
| password | The corresponding password. |
| Response | Status |
| 200 | User successfully authenticated. |
| 400 | Username or password not provided. |
| 401 | Login credentials failed. |
curl
Sample curl request for a session ID:
curl -k 'https://localhost:8089/services/auth/login' -d"username=admin&password=changeme" <response> <sessionKey>aeae5bd9521f714eddebb6dcb989f25e</sessionKey>
This generates a session ID you can use for any other requests.
Save your session ID:
export SPLUNK_AUTH_TOKEN=`curl -k $SPLUNK_URL/auth/login -d"username=admin&password=changeme" 2>/dev/null | grep sessionKey | sed s@'.*<sessionKey>\(.*\)</sessionKey>'@'\1'@`
This saves your session ID to SPLUNK_AUTH_TOKEN.
wget
The following example uses wget and outputs the session ID to a file called testme.
wget -O testme --no-check-certificate --post-data="username=admin&password=changeme" "localhost:8089/services/auth/login"