Jump to content

Using API after Disabling Anonymous Logins


oconnor

Recommended Posts

This should be very simple, but we can't figure it out.

We have been using PasswordState APIs Anonymously until or Information Security group discovered that there wasn't very good auditing because it was all, well, Anonymous.

So we disabled it, but now we can't figure out how to use credentials with our API calls.  None of the documentation makes reference to it.  It's as if everyone uses Anonymous API calls.

 

This documented process no longer works for any of our scripts:

    # PowerShell Request
    $PasswordstateUrl = 'https://passwordstate/api/passwords/<PasswordID>'
    Invoke-Restmethod -Method GET -Uri $PasswordstateUrl -Header @{ "APIKey" = "<apikey>" }

It returns with this error:

Invoke-Restmethod : [{"errors":[{"message":"Forbidden"},{"phrase":"Making calls to the Anonymous API is not allowed. Please refer to your Passwordstate Security
Administrators for more information."}]}]

 

Which is obvious, because we were forced to disable it.  But how can we make it not anonymous?

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...