Invoke-Web Request Examples?

LogZ · January 9, 2020, 3:13pm

Just curious if anyone has had any luck using Power-Shell to retrieve secrets? If so, it would be very helpful if I you could list some examples.

jake · January 9, 2020, 3:22pm

I know @AndrewCopeland worked on some Conjur x Power-Shell stuff a while back. Have you tried https://github.com/cyberark/conjur-api-powershell?

joe.garcia · January 9, 2020, 3:34pm

PS /Users/joegarcia> $ConjurAccount = "cyberarkdemo"
PS /Users/joegarcia> $URI = "https://dap.joegarcia.dev/authn/${ConjurAccount}/login"
PS /Users/joegarcia> $ConjurUserPass = Get-Credential

PowerShell credential request
Enter your credentials.
User: admin
Password for user admin: *********

PS /Users/joegarcia> Invoke-WebRequest -URI $URI -Authentication Basic -Credential $ConjurUserPass -Method GET

StatusCode        : 200
StatusDescription : OK
Content           : [redacted]
RawContent        : HTTP/1.1 200 OK
                    Server: nginx
                    Date: Thu, 09 Jan 2020 15:33:18 GMT
                    Transfer-Encoding: chunked
                    Connection: keep-alive
                    X-Frame-Options: SAMEORIGIN
                    X-XSS-Protection: 1; mode=block
                    X-Content-Type-Options: …
Headers           : {[Server, System.String[]], [Date, System.String[]], [Transfer-Encoding, System.String[]], [Connection, System.String[]]…}
Images            : {}
InputFields       : {}
Links             : {}
RawContentLength  : 55
RelationLink      : {}

Here’s a quick example I just did on how to turn in a username + password to the /login endpoint to retrieve the user’s API Key.

LogZ · January 9, 2020, 3:36pm

Both of these Looks Great! I am excited to try them Thank you!

joe.garcia · January 9, 2020, 3:37pm

The secret comes in the Content key’s value in the returned response. I’ve redacted mine in the example provided.

LogZ · January 9, 2020, 4:40pm

Hey Joe,

Running into an issue with “-Authentication” not being a valid parameter, if I remove the option it states “Authorization Missing”. Any Suggestions on how to overcome?

Thank you!

AndrewCopeland · January 9, 2020, 4:54pm

If -Authentication does not work I would recommend making the Authorization header yourself.

This can be done by doing the follow:

$url = "$ConjurApplianceUrl/authn/$ConjurAccount/login"
$method = "GET"
$base64 = [Convert]::ToBase64String([Text.Encoding]::ASCII.GetBytes(("{0}:{1}" -f $ConjurUsername, $ConjurPassword)))
$basicAuthHeader = @{"Authorization"="Basic $base64"}
$response = Invoke-RestMethod -Uri $url -Method $method -Header $basicAuthHeader

Hopefully that helps.

Regards,
Andrew

LogZ · January 9, 2020, 5:19pm

This worked! Thank you Both! this was extremely helpful!

jake · January 9, 2020, 5:26pm

Moved to #conjur category

system · January 16, 2020, 5:26pm

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
REST API via Ansible Secrets Management - Conjur, Secrets Hub & CP	6	1018	December 6, 2019
Conjur Integration Urban Code Secrets Management - Conjur, Secrets Hub & CP	3	632	January 28, 2020
Conjur API collection Secrets Management - Conjur, Secrets Hub & CP	6	1202	December 11, 2019
Problem accessing the UI Secrets Management - Conjur, Secrets Hub & CP	7	2836	October 7, 2019
API Key Authentication Documentation Clarification Secrets Management - Conjur, Secrets Hub & CP	4	436	October 7, 2021

Invoke-Web Request Examples?

Related Topics