Invoke-Web Request Examples?

Just curious if anyone has had any luck using Power-Shell to retrieve secrets? If so, it would be very helpful if I you could list some examples.

1 Like

I know @AndrewCopeland worked on some Conjur x Power-Shell stuff a while back. Have you tried

PS /Users/joegarcia> $ConjurAccount = "cyberarkdemo"
PS /Users/joegarcia> $URI = "${ConjurAccount}/login"
PS /Users/joegarcia> $ConjurUserPass = Get-Credential

PowerShell credential request
Enter your credentials.
User: admin
Password for user admin: *********

PS /Users/joegarcia> Invoke-WebRequest -URI $URI -Authentication Basic -Credential $ConjurUserPass -Method GET

StatusCode        : 200
StatusDescription : OK
Content           : [redacted]
RawContent        : HTTP/1.1 200 OK
                    Server: nginx
                    Date: Thu, 09 Jan 2020 15:33:18 GMT
                    Transfer-Encoding: chunked
                    Connection: keep-alive
                    X-Frame-Options: SAMEORIGIN
                    X-XSS-Protection: 1; mode=block
                    X-Content-Type-Options: …
Headers           : {[Server, System.String[]], [Date, System.String[]], [Transfer-Encoding, System.String[]], [Connection, System.String[]]…}
Images            : {}
InputFields       : {}
Links             : {}
RawContentLength  : 55
RelationLink      : {}

Here’s a quick example I just did on how to turn in a username + password to the /login endpoint to retrieve the user’s API Key.


Both of these Looks Great! I am excited to try them Thank you!


The secret comes in the Content key’s value in the returned response. I’ve redacted mine in the example provided.

1 Like

Hey Joe,

Running into an issue with “-Authentication” not being a valid parameter, if I remove the option it states “Authorization Missing”. Any Suggestions on how to overcome?

Thank you!

1 Like

If -Authentication does not work I would recommend making the Authorization header yourself.

This can be done by doing the follow:

$url = "$ConjurApplianceUrl/authn/$ConjurAccount/login"
$method = "GET"
$base64 = [Convert]::ToBase64String([Text.Encoding]::ASCII.GetBytes(("{0}:{1}" -f $ConjurUsername, $ConjurPassword)))
$basicAuthHeader = @{"Authorization"="Basic $base64"}
$response = Invoke-RestMethod -Uri $url -Method $method -Header $basicAuthHeader

Hopefully that helps.


1 Like

This worked! Thank you Both! this was extremely helpful!

1 Like

Moved to #conjur category

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.