How to authenticate an on demand API call made via splunk?

Question

I am thinking of developing an API in Python using Flask library. I learnt the below. It has a /auth to just take any username and password and save it in database i.e. for registration. It has a /login to take username, password and validate it with database and then send a token. It then has a /xx call to take the token, validate the identity of user and return him with the requested data.

I am now trying to understand the below.
If I make an API call via custom script execution on SPLUNK to this API that I will develop, how will I pass Splunk login credentials to the API and how will the API make sure that they are correct?

score 1 · Answer 1 · answered Mar 26 '20 at 10:04

Are you trying to get Splunk to call an API, or are you trying to call a Splunk API from an external script. You have explained the process for calling a Splunk API, but should you want Splunk to call an API, you can follow the mechanism outlined at https://www.splunk.com/en_us/blog/tips-and-tricks/securely-storing-accessing-passwords-for-alert-action-scripts.html or https://www.splunk.com/en_us/blog/tips-and-tricks/securely-storing-accessing-passwords-for-alert-action-scripts.html for saving credentials in Splunk securely.

I need to call an API via custom https call. Thanks, going through it. — SmiP, Mar 31 '20 at 18:58

How to authenticate an on demand API call made via splunk?

1 Answers1