oVirt 4.5.2.4 api access with keycloak
Hello I have installed ovirt 4.5.2.4 and keycloak authentication is now standard. On previous installs it could be accessed via a web browser as https://engine_FQDN/ovirt-engine/api. What is the proper url syntax to work with the new keycloak way and I know the username is now admin@ovirt @internalsso? Thanks Don
On Fri, Sep 2, 2022 at 4:07 AM Don Dupuis <dondster@gmail.com> wrote:
Hello I have installed ovirt 4.5.2.4 and keycloak authentication is now standard. On previous installs it could be accessed via a web browser as https://engine_FQDN/ovirt-engine/api. What is the proper url syntax to work with the new keycloak way and I know the username is now admin@ovirt@internalsso?
Should be the same - did you try this? Had problems? Which? Best regards, -- Didi
it's tricky to access with the browser when keycloak is enabled, you first need to get the token: $ curl -k -H "Accept: application/json" 'https://engine.fqdn/ovirt-engine/sso/oauth/token?grant_type=password&username=admin@ovirt@internalsso&password=pass&scope=ovirt-app-api' {"access_token":"<token>","scope":"ovirt-app-api ovirt-ext=token-info:authz-search ovirt-ext=token-info:public-authz-search ovirt-ext=token-info:validate ovirt-ext=token:password-access","exp":"9223372036854775807","token_type":"bearer"} then use the access_token returned: $ curl -k -H "Accept: application/json" -H "Authorization: Bearer <token>" https://engine.fqdn/ovirt-engine/api On Wed, Sep 7, 2022 at 11:57 AM Yedidyah Bar David <didi@redhat.com> wrote:
On Fri, Sep 2, 2022 at 4:07 AM Don Dupuis <dondster@gmail.com> wrote:
Hello I have installed ovirt 4.5.2.4 and keycloak authentication is now standard. On previous installs it could be accessed via a web browser as https://engine_FQDN/ovirt-engine/api. What is the proper url syntax to work with the new keycloak way and I know the username is now admin@ovirt@internalsso?
Should be the same - did you try this? Had problems? Which?
Best regards, -- Didi _______________________________________________ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-leave@ovirt.org Privacy Statement: https://www.ovirt.org/privacy-policy.html oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/C44XLLV5WMPRX7...
I couldn’t get the browser method to work and ended up writing scripts using the curl methods as mentioned. Thanks Don Sent from my iPhone X
On Sep 7, 2022, at 4:03 AM, Benny Zlotnik <bzlotnik@redhat.com> wrote:
it's tricky to access with the browser when keycloak is enabled, you first need to get the token: $ curl -k -H "Accept: application/json" 'https://engine.fqdn/ovirt-engine/sso/oauth/token?grant_type=password&username=admin@ovirt@internalsso&password=pass&scope=ovirt-app-api' {"access_token":"<token>","scope":"ovirt-app-api ovirt-ext=token-info:authz-search ovirt-ext=token-info:public-authz-search ovirt-ext=token-info:validate ovirt-ext=token:password-access","exp":"9223372036854775807","token_type":"bearer"}
then use the access_token returned: $ curl -k -H "Accept: application/json" -H "Authorization: Bearer <token>" https://engine.fqdn/ovirt-engine/api
On Wed, Sep 7, 2022 at 11:57 AM Yedidyah Bar David <didi@redhat.com> wrote:
On Fri, Sep 2, 2022 at 4:07 AM Don Dupuis <dondster@gmail.com> wrote:
Hello I have installed ovirt 4.5.2.4 and keycloak authentication is now standard. On previous installs it could be accessed via a web browser as https://engine_FQDN/ovirt-engine/api. What is the proper url syntax to work with the new keycloak way and I know the username is now admin@ovirt@internalsso?
Should be the same - did you try this? Had problems? Which?
Best regards, -- Didi _______________________________________________ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-leave@ovirt.org Privacy Statement: https://www.ovirt.org/privacy-policy.html oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/C44XLLV5WMPRX7...
participants (4)
-
Benny Zlotnik -
Don Dupuis -
Donald Dupuis
-
Yedidyah Bar David