Avatar of JJENSEN3
JJENSEN3
 asked on

Generating Authentication Token Using Windows PowerShell script

I am, at best, a novice user when it comes to writing Powershell scripts, so any simplified explanation to this question would be appreciated.
I am accessing one of our vendors API services. In order to access it, I need to generate an authentication token. I have the url to send the request to, and I have the username and password. What I am not sure of, is how to write the script to retrieve the token. Is there a "generic" method to do this?

Again, feel free to break it down to the most basic of terms. I won't be offended. :)

Thank you in advance.
PowershellShell ScriptingWindows OS

Avatar of undefined
Last Comment
JJENSEN3

8/22/2022 - Mon
ITguy565

I believe this is what you are looking for :
$Credential = Get-Credential
$Token = Get-MgmtSvcToken -Type Windows -AuthenticationSite "https://Computer01:30072" -ClientRealm "http://azureservices/AdminSite" -User $Credential -DisableCertificateValidation

Open in new window


reference : https://docs.microsoft.com/en-us/powershell/module/mgmtsvcadmin/get-mgmtsvctoken?view=azurepack-ps
ITguy565

You can also try it like this :

The following method allows you to create the token and then post it to an API.

Capture.PNG
reference : https://vss-wiki.eis.utoronto.ca/display/API/How+to+generate+an+access+token+using+PowerShell
footech

There isn't really any generic method for this.  The information and syntax that you will have to supply in the web request will vary depending on the design of the API, and as such the API documentation is a must to proceed.  Anything I provide here is only an example of how things might be used.

Here's a sample showing how I had to do something similar for a particular environment.
# Define a base part of the URL (useful when there may be different environments, e.g. sandbox and production)
$restURLbase = "https://restapi.somedomain.com"

# Get an access token for later calls
$authBody = @{
    grant_type = 'password'
    username = 'someuser'
    password = 's0mePa$s'
    }
$authURL = "$restURLbase/authorization"
$auth = Invoke-RestMethod -Uri $authURL -Method Post -Body $authBody

# Make a request using the access token
$headers = @{
    Authorization = "$($auth.tokenType) $($auth.accessToken)"
    }
$restURL = "$restURLbase/something/blah"
$data = Invoke-RestMethod -Uri $restURL -ContentType 'application/json' -Method Get -Headers $headers

Open in new window

All of life is about relationships, and EE has made a viirtual community a real community. It lifts everyone's boat
William Peck
JJENSEN3

ASKER
Footech,
This is all that I have been given by the API owner:

https://api.xxx.com/xxx/authenticate

Post below request to above URI
{
  "username":"oldenkamp",
  "password":"<password>"
}
Above request will get you Response as below:
{
    "status": "success",
    "id_token": "eyJraWQiOiJuZjlzTzhaeENtbXVCNVF2eFJ0eXE4cU55RGF2OGF2VTBvaWJQeVllcDZvPSIsImFsZyI6IlJTMjU2In0.eyJzdWIiOiJlMmMzNWI4YS00OTU3LTRiMmYtOGI3My02NWEyMGEwYWIxZGQiLCJjb2duaXRvOmdyb3VwcyI6WyJVc2VyIiwiRGV2ZWxvcGVyIl0sImVtYWlsX3ZlcmlmaWVkIjp0cnVlLCJjb2duaXRvOnByZWZlcnJlZF9yb2xlIjoiYXJuOmF3czppYW06OjkxNTE2NDU1MjY0NTpyb2xlXC9BUElHYXRld2F5RGV2R3JvdXAiLCJpc3MiOiJodHRwczpcL1wvY29nbml0by1pZHAudXMtZWFzdC0xLmFtYXpvbmF3cy5jb21cL3VzLWVhc3QtMV9CWW15NGt4SVUiLCJjb2duaXRvOnVzZXJuYW1lIjoib2xkZW5rYW1wIiwiY29nbml0bzpyb2xlcyI6WyJhcm46YXdzOmlhbTo6OTE1MTY0NTUyNjQ1OnJvbGVcL0FQSUdhdGV3YXlFeHRlcm5hbEdyb3VwIiwiYXJuOmF3czppYW06OjkxNTE2NDU1MjY0NTpyb2xlXC9BUElHYXRld2F5RGV2R3JvdXAiXSwiYXVkIjoiMnZsMWJobGtjY3I5dTZkaDM4cXZwbXJ2YzMiLCJldmVudF9pZCI6IjliNWVmYmFkLWIxZmYtMTFlOC1hNmM0LWEzY2NmY2JlZTc0OSIsInRva2VuX3VzZSI6ImlkIiwiYXV0aF90aW1lIjoxNTM2MjU3MjAxLCJleHAiOjE1MzYyNjA4MDEsImlhdCI6MTUzNjI1NzIwMSwiZW1haWwiOiJ0YWxlbmRAbWFzY29jYWJpbmV0cnkuY29tIn0.OiRtt_zUlxM6aQAll6rL4zUI10L1ZOJT4-XXhxjpuf9TbJUj0En55yu2QoFXepC5hBQgoFHCxLcvgae057e9H9wL4ylve4GHwSYTj_2ue0nblLrELrtS0b30r3MjIZV5I9L7Z2H2166FDreYW0QBZYcbJ6LHpo2GrkWBWGzgZ6p-AIoEL4sz5KyFMoMAclhG9uYAmwPX2Jnv62CMgbKtgjdqtdGSa6eNwlv-GtFoew4QIIvNdfQQ2Cegm4nPw024_xKqBvcgenkLkEYzwdNcQEf1lj9fYnk-szUtpiw6gPaU61jyvFdydGSw0TKmEUhV40QK21OiOiS50NTtlfpD2Q"
}


They are expecting it via Postman, but I am trying to automate it via Powershell.
ASKER CERTIFIED SOLUTION
footech

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
GET A PERSONALIZED SOLUTION
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.
JJENSEN3

ASKER
Footech, your example got me close enough to produce a result. I did have to make small modifications to fit the API, but it was a good example. Thanks to all for the help.