Jump to content

Using API after Disabling Anonymous Logins


oconnor
 Share

Recommended Posts

This should be very simple, but we can't figure it out.

We have been using PasswordState APIs Anonymously until or Information Security group discovered that there wasn't very good auditing because it was all, well, Anonymous.

So we disabled it, but now we can't figure out how to use credentials with our API calls.  None of the documentation makes reference to it.  It's as if everyone uses Anonymous API calls.

 

This documented process no longer works for any of our scripts:

    # PowerShell Request
    $PasswordstateUrl = 'https://passwordstate/api/passwords/<PasswordID>'
    Invoke-Restmethod -Method GET -Uri $PasswordstateUrl -Header @{ "APIKey" = "<apikey>" }

It returns with this error:

Invoke-Restmethod : [{"errors":[{"message":"Forbidden"},{"phrase":"Making calls to the Anonymous API is not allowed. Please refer to your Passwordstate Security
Administrators for more information."}]}]

 

Which is obvious, because we were forced to disable it.  But how can we make it not anonymous?

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...