01-13-2023 07:12 AM
I am trying to retrieve some scans and am receiving a 401 error. The access key has the System Admin role. Suggestions? Thank you.
API="https://us-east1.cloud.twistlock.com/us-2-XXXXXXXXX"
# Get Token
JWT="$(curl -s ${API}/api/v22.06/authenticate -X POST -H 'Content-Type: application/json' \
-d '{"username":"MyAccessKeyID","password":"MySecretKey"}' | jq '.["token"]' | tr -d '"' )"
# Create header with token
HEADER="Authorization: Bearer ${JWT}"
RESPONSE="$(curl -i ${API}/api/v22.06/scans -i -H '${HEADER}' -H 'content-type: application/json; charset=UTF-8' )"
echo $RESPONSE
01-13-2023 02:11 PM
Hello,
Although the HTTP standard specifies "unauthorized", the response can also potentially mean "unauthenticated" which means the client needs to authenticate itself to get the requested response. Can you please make sure you are authenticated before you call the API?
01-13-2023 02:48 PM
I am passing in a token in one of my headers. "-H '${HEADER}'" I believe this is all I need for authentication. Am I incorrect in assuming this?
01-17-2023 06:11 AM
Hello,
Thanks for reaching out. Can you please try to regenerate your token and retry API call? Please let me know if you receive the same error.
01-20-2023 11:23 AM
Although you are getting a 401, maybe this might help someone else, check your connectivity with the ping api...
curl -k \
-s \
-o /dev/null \
-w "%{http_code}\n" \
-X GET \
https://<CONSOLE>:8083/api/v1/_ping
once you get a 200 then signon...
######### Prisma Cloud SignOn ################
curl --request POST \
--url https://api.prismacloud.io/login \
--header 'accept: application/json; charset=UTF-8' \
--header 'content-type: application/json; charset=UTF-8' \
--data "{\"username\":\"${PRISMA_KEY_ID}\",\"password\":\"${PRISMA_SECRET}\",\"customerName\":\"Citrusoft\"}"
############ Prisma Cloud Compute SignOn #################
curl -k \
-H "Content-Type: application/json" \
-X POST \
-d \
"{
\"username\":\"${PRISMA_KEY_ID}\",
\"password\":\"${PRISMA_SECRET}\"
}" \
${PRISMA_CONSOLE}/api/v1/authenticate
The response contains a token; you can assign token's value to an environment variable.
export token='whatever'
Then invoke an API...
############ List Prisma Compliance Policies #################
curl -k \
-H 'Content-Type: application/json' \
-H "Authorization: Bearer $token" \
-X GET \
${PRISMA_CONSOLE}/api/v1/policies/compliance/container
######## List Prisma Cloud Compute Registries to be Scanned ##########
curl -k \
-u "${PRISMA_KEY_ID}:${PGE_PRISMA_SECRET}" \
-H 'Content-Type: application/json' \
-X GET \
"${PRISMA_CLOUD_COMPUTE_CONSOLE_API_ADDR}/api/v22.06/registry/names"
notice that i did not use the token in that last command.
hope that helps.
good luck!
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
