DX Unified Infrastructure Management

 View Only
Expand all | Collapse all

OAuth2 with bearer tokens in RESTMon in UIM

  • 1.  OAuth2 with bearer tokens in RESTMon in UIM

    Posted Jun 14, 2021 03:27 PM
    Hello All,

     Does anyone have examples on how to use OAuth2 with bearer tokens or on how to include this type of authentication to make the profile work in RESTMon in UIM?


  • 2.  RE: OAuth2 with bearer tokens in RESTMon in UIM

    Posted Jun 14, 2021 04:12 PM
    Don't have examples, but from my notes:
    the parameters etc appear to be encoded in the token for example see https://auth0.com/learn/token-based-authentication-made-easy/

    ------------------------------
    Support Engineer
    Broadcom
    ------------------------------



  • 3.  RE: OAuth2 with bearer tokens in RESTMon in UIM

    Posted Jun 14, 2021 04:54 PM
    Hi David,

    Thank you for your reply. I saw your notes in another thread (Is it possible with UIM to monitor a non CA product trough API which has double Authentication security?) and it is very useful. But, I still have a question on how to declare the token in the schema, for example:

    For basic authentication we can do:

    "definition": {
    "resource_category": null,
    "defaults": {
    "port": 9200,
    "interval": 60,
    "httptimeout": 30000
    },
    "auth": "basic",
    "xml_ns": "",
    "name": "elasticsearch",
    "type": "http"
    },

    For the urltoken we can do something like this:
    "definition": {
    "resource_category": null,
    "defaults": {
    "checkcert": "no",
    "port": 443,
    "interval": 60,
    "httptimeout": 30000
    },
    "auth": "urltoken",
    "xml_ns": "",
    "name": "paloalto",
    "type": "https"
    },
    "urls": [{
    "src": "list",
    "xml_ns": "",
    "var": "/response/result/ifnet/entry/name",
    "id": "detail",
    "url": "/api/?type=op&cmd=<show><interface>%var</interface></show>&key=%token"
    },
    ...

    But for OAuth2 with bearer tokens I didn't seen nothing. How to use it in definition?

    "definition": {
    "auth": "OAuth2",  <--- Is it correct ?
     Where I put the token????
    Should I use addedProfileFields?

    "type": "http"
    }

    Thank you again for your reply.


  • 4.  RE: OAuth2 with bearer tokens in RESTMon in UIM

    Broadcom Employee
    Posted Jun 15, 2021 10:26 AM
    Allesandro, 

    What system are you needing to connect to?  I'm assuming it's in the cloud but need more detail from you.

    Here's another source of reference, with a sample attached:  https://community.broadcom.com/enterprisesoftware/communities/community-home/digestviewer/viewthread?MessageKey=dd47d2ac-b714-407d-b98d-972f523cc742&CommunityKey=170eb4e5-a593-4af2-ad1d-f7655e31513b&tab=digestviewer#bmdd47d2ac-b714-407d-b98d-972f523cc742

    Chris


  • 5.  RE: OAuth2 with bearer tokens in RESTMon in UIM

    Posted Jun 15, 2021 01:47 PM
    Hi Cris,

     Yes, it is a cloud platform, more specifically the cloud platform is Azure.

     Thank you for sharing, I will see it in deep detail.


  • 6.  RE: OAuth2 with bearer tokens in RESTMon in UIM

    Posted Jun 22, 2021 09:46 AM
    Hi Alessandro,
    Have you got any update? Even I am trying for Cloudflare API which is using bearer token in header. 
    Unfortunately there is no OOB Schema templates for bearer token


  • 7.  RE: OAuth2 with bearer tokens in RESTMon in UIM

    Broadcom Employee
    Posted Jun 22, 2021 10:51 AM
    Shubhojit - Refer to the paloalto_schema.json which is found in the restmon_sample_schemas. The sample schemas can be downloaded from the archive at support.nimsoft.com.  The paloalto schema uses url token but you can easily change it to bearer token.  Just change auth type to "token" rather than "urltoken".

    "definition": {
    "resource_category": null,
    "defaults": {
    "checkcert": "no",
    "port": 443,
    "interval": 120,
    "httptimeout": 30000
    },
    "addedProfileFields": [
    {
    "name": "token",
    "value": "",
    "type": "password",
    "label": "Token"
    }
    ],
    "auth": "token",
    "xml_ns": "",
    "name": "your_schema_name",
    "type": "https"
    },

    Hope that helps,
    Chris


  • 8.  RE: OAuth2 with bearer tokens in RESTMon in UIM

    Posted Jun 22, 2021 11:57 AM
    Thank you Chris. I will try to append this change.

    I hope this field value for "token" will be considered while sending the API call in api.cloudflare.com


  • 9.  RE: OAuth2 with bearer tokens in RESTMon in UIM

    Posted Jun 22, 2021 12:40 PM

    "auth": "token",

    didnt work for me in Cloudflare API




  • 10.  RE: OAuth2 with bearer tokens in RESTMon in UIM

    Broadcom Employee
    Posted Jun 22, 2021 02:56 PM
    Shubhojit, 

    I understand you have a support case opened for this.  Let's work this using the support case and then we'll provide the solution here once it's working.

    Chris


  • 11.  RE: OAuth2 with bearer tokens in RESTMon in UIM

    Posted Jun 23, 2021 07:42 AM
    Thank you Chris. 

    However I would be expecting the response from Alessandro as well, if he is able to crack it.


  • 12.  RE: OAuth2 with bearer tokens in RESTMon in UIM

    Posted Jun 23, 2021 07:56 AM
    Hi Shubhojit,

    Sorry for answering so late. I'm in the same situation as you, I opened a case too, because it is information that a customer needs and I could not provide, and he has the Azure access, I'm not. If I have any new information I will post here.

    Alessandro.


  • 13.  RE: OAuth2 with bearer tokens in RESTMon in UIM

    Posted Jun 23, 2021 11:09 AM
    Edited by Shubhojit Shil Jun 23, 2021 01:10 PM
    #restmon #bearertoken

    Hi Chris and Alessandro,
    It is working now for me and we need to make the Bearer token request in Header section.

           --------       --------       --------       --------
      "definition": {
       "resource_category": null,
       "defaults": {
        "port": 443,
        "interval": 30,
        "httptimeout": 30000,
        "headers": {
         "Authorization": "Bearer <enter-your-token-here>"
        }
       },
       "auth": "bearer",
       "xml_ns": "",
       "name": "%localservice",
       "type": "https"
      },

           --------       --------       --------       --------