• Overview
  • Introduction and overview
    • Components
    • Appearance
    • REST API
    • Applications
    • Help
• Architecture
  • Components
    • Processes
    • Configuration files
• Splunk Web appearance
  • How Splunk Uses Skins
    • Skins css Files
    • Images/skins directory
  • Add or remove themes
    • Create a new skin
    • Example
  • Dashboard customization
    • Configuration
    • List modules
    • Add search modules
    • Add html modules
    • Link dashboard to user
• REST API
  • Splunk's REST API
    • Using REST Methods
    • Splunk REST endpoint mappings
    • HTTP ports Splunk uses
    • Examples
  • Get started
    • Send a request
    • Get a response
  • Output formats via XML
    • Example Generic Response
    • Example Generic Response with Messaging
    • Generic Response with Messaging (via error codes)
    • Example Atom Feed Response
    • Example Atom Feed with Messaging
    • Example Atom Entry Response
  • SDKs
    • Python SDK
  • Create a custom endpoint
    • Make a custom application directory
    • Write a handler script
    • Configure restmap.conf
    • Restrict endpoint access
    • Add supporting configuration files
• Auth
  • Authentication Methods
    • HTTP header auth
    • HTTP digest
    • URL Parameters
  • Authentication Endpoint
    • Login
  • Authentication examples
    • Command Line
    • Python SDK
    • Other Python example
• Properties
  • Properties Endpoint
    • Properties
    • $FILE_NAME
    • $STANZA_NAME
    • $KEY_NAME
    • PropertiesNS
  • Configuration file access with Python
    • Configuration
    • Example
• Search
  • Search Overview
    • Handling Search Results
    • Result Formats
  • Search Endpoint
    • Jobs
    • Search ID
    • Events
    • Results
    • Timeline
    • Summary
    • Control
  • Search with the Python SDK
    • Create a search
    • Work with search results
    • Examples
  • Custom search scripts
    • Configuration files
    • Working with results
    • Authenticate
    • Example
• Saved
  • Saved Endpoint
    • Searches
    • $SAVED_SEARCH_NAME
• Streams
  • Streams Endpoint
    • Search
    • Livetail
• Applications
  • Developer applications overview
  • Applications Endpoint
    • Local
    • $APP_NAME
    • Remote Entries
    • Remote $APP_NAME
    • Category Path
    • Remote Login
• SplunkBase
  • SplunkBase API
    • Apps
    • Types
    • Category Path
    • Entries
    • App Name
• Legacy
  • Legacy methods
    • $LEGACY_METHOD_NAME

Authentication Endpoint

Use the authentication endpoint at /services/auth/ to authenticate any of your HTTP requests. Currently, the only endpoint available through auth is login.

Login

Provides a login interface for user authentication.

POST

Returns a session key to use when making REST calls to splunkd.

Response

Examples

curl

Sample curl request for a session ID:

curl -k 'https://localhost:8089/services/auth/login' -d"username=admin&password=changeme"

<response>
<sessionKey>aeae5bd9521f714eddebb6dcb989f25e</sessionKey>

This generates a session ID you can use for any other requests.

Save your session ID:

export SPLUNK_AUTH_TOKEN=`curl -k $SPLUNK_URL/auth/login -d"username=admin&password=changeme" 2>/dev/null | grep sessionKey | sed s@'.*<sessionKey>\(.*\)</sessionKey>'@'\1'@`

This saves your session ID to SPLUNK_AUTH_TOKEN.

wget

The following example uses wget and outputs the session ID to a file called testme.

wget -O testme --no-check-certificate --post-data="username=admin&password=changeme" "localhost:8089/services/auth/login"