FleetDM API Only user setup #8884
-
|
Hi, I should then be able to use curl or Postman to get the permanent API Token by hitting the endpoint POST /api/v1/fleet/login But I cannot get this to respond. The convention with SO seems to be adding container name to the URL, but even hitting https://domain.com/fleet/api/v1/fleet/login Gives no joy- timeout. What am I doing wrong please? |
Beta Was this translation helpful? Give feedback.
Replies: 5 comments
-
|
maybe I should re-phrase this so I'm not wasting my time if this is impossible- Does anyone have an API user working for FleetDM in Security Onion? |
Beta Was this translation helpful? Give feedback.
-
|
I have not tested the API-only user, however, it should work. My
Taking that URL & curl'ing it with my API key:
|
Beta Was this translation helpful? Give feedback.
-
|
ah good idea, thanks- will report back if I figure it out, thanks again |
Beta Was this translation helpful? Give feedback.
-
|
ok I did find this- https://defensivedepth.com/2020/04/02/kolide-fleet-breaking-out-the-osquery-api-web-ui/ Which basically notes
So it looks like incoming API calls to port 8090 will be dropped as they aren't gRPC Right now, this seems to be a feature not a bug, so I'll try to get the data another way, thanks. |
Beta Was this translation helpful? Give feedback.
-
|
ok I figured it out several months later- It's not an issue with either the nginx proxy server or the iptables firewall- the issue for me was using the wrong API endpoint FleetDM docs say to use https://domain.com/fleet/api/v1/fleet/login but for Security Onion the endpoint is https://domain.com/fleet/api/latest/fleet/login I hope this helps someone in the future |
Beta Was this translation helpful? Give feedback.
I have not tested the API-only user, however, it should work.
My
Go Tomethod when figuring stuff like this out is to pop open my browser's dev tools and watch the network requests as I navigate through the app - for instance:Taking that URL & curl'ing it with my API key: