I was taking a look through the Conjur REST API documentation available at:
I noticed that “Password and API Key” are available as (seemingly direct) authentication methods against the APIs instead of the token method.
I have been trying the base64 encoded method using the following header configuration:
'Authentication': 'Basic base64_enc_string'
base64_enc_string is created using the methods outlined in the first 2 steps of the linked documentation above:
- Create the authentication string by concatenating the role’s name, a literal colon character “:” and password or API key.
- Base64 encode the resulting authentication string.
There are two items I am unsure of:
- What would the “role’s name” be for an API Key?
- Is this even possible, where you can use this base64 encoded API Key authentication method to make calls to all Conjur APIs?
Am I interpreting the documentation incorrectly where it says the following:
The REST API accepts the following three forms of authentication: * Password * API key * Access token
Thanks in advance!