We’re using the Octopus Client .NET Nuget package in an intranet site with windows authentication. When users visit our intranet site I want to limit the client to what the user is able to do so don’t want to provide an API key to use with the OctopusServerEndpoint object. Any thoughts on how to do this? I’ve tried what is suggested here: Using the API with Windows credentials but I get an OctopusServerException with no further details.
Here is my code if it helps:
var endpoint = new OctopusServerEndpoint(this.configuration.Server); var client = await OctopusAsyncClient.Create(endpoint); await client.GetContent("/integrated-challenge"); return client;
There is one solution I can think of but seems messy, that is to provide a “master” API key and then generate an API key for the current user when they use the app but this doesn’t seem ideal
var endpoint = new OctopusServerEndpoint(this.configuration.Server, this.configuration.ApiKey); var client = await OctopusAsyncClient.Create(endpoint); var user = await this.GetCurrentUser(client); var apiKeyResource = await client.Repository.Users.CreateApiKey(user); endpoint = new OctopusServerEndpoint(this.configuration.Server, apiKeyResource.ApiKey); client = await OctopusAsyncClient.Create(endpoint); return client;