This documentation applies to the following versions of Splunk: 4.0 , 4.0.1 , 4.0.2 , 4.0.3 , 4.0.4 , 4.0.5 , 4.0.6
The authentication endpoints are available from ../services/authentication/. Use these for getting an auth token.
/services/authentication provides administrative control for the auth system
Sends a control signal to the auth subsystem
action
[ restart | setactiveprovider ]
target
The target of the action. Only required when action=setactiveprovider
Response Status
200
User successfully authenticated
400
Did not provide target argument (with setactiveprovider)
403
User doesn't have sufficient privileges to perform action
Sample response to restart:
<response>
<messages>
<msg type="INFO">Auth system was restarted</msg>
</messages>
</response>
// sample response to setactiveprovider
<response>
<messages>
<msg type="INFO">Auth system changed to foo</msg>
</messages>
</response>
/services/authentication/login provides user authentication
Returns a session key to be used when making REST calls to splunkd
username
The Splunk account username
password
The corresponding password
200
User successfully authenticated
400
username or password not provided
401
Login credentials failed
Sample response to /services/authentication/login
<response>
<sessionKey>87ad615df536e3</sessionKey>
</response>