KNOWLEDGE PORTAL

Getting a Token for Use With the API

Secret Server

Summary

**Do not use in production environment without professional assistance**

To start using the API you need to get a token. There are a few ways to do this, below is an example of passing a URL, Username and Password. Notice the TOTP One time password is there and optional, if needed.

To view this script on the Cyberhill Github page, click here.

Function Get-SSTokenLocal {
    Param
    (
         [Parameter(Mandatory=$true, Position=0)]
         [string] $URI,
         [Parameter(Mandatory=$true, Position=1)]
         [string] $UserName,
         [Parameter(Mandatory=$true, Position=2)]
         [string] $Password,
         [Parameter(Mandatory=$false, Position=3)]
         [string] $OTP
    )

    $creds = @{
        username = $UserName
        password = $Password
        grant_type = "password"
    };

    $headers = $null
    If ($OTP) {
        $headers = @{
            "OTP" = $OTP
        }
    }

    try
    {
        $response = Invoke-RestMethod "$URI/oauth2/token" -Method Post -Body $creds -Headers $headers;
        return $response;
    }
    catch
    {
        $result = $_.Exception.Response.GetResponseStream();
        $reader = New-Object System.IO.StreamReader($result);
        $reader.BaseStream.Position = 0;
        $reader.DiscardBufferedData();
        $responseBody = $reader.ReadToEnd() | ConvertFrom-Json
        Write-Host "ERROR: ($responseBody.error)"
        return;
    }
}
You might also be interested in
Secret Server
Folder Information
When creating a folder, it is just as important to know what the API is looking for as it is to be able to make the API call to create…
LEARN MORE
Secret Server
Pulling a User Account
When working with Secret Server it is important to know what groups and roles a user is part of.
LEARN MORE
Cybersecurity Secret Server
Pulling a Secret from Secret Server by ID
One of the most common things clients look to do when scripting is to pull a secret from Secret Server. 
LEARN MORE