Using the API with Windows credentials

Alwyn · 20 August 2015 13:04

Hi

Is it possible to use the Octopus API using Windows credentials instead of specifying an API key?

We have a custom intranet app that uses the Octopus API. It’s used by multiple users so the API calls need to be made in the context of the logged-in user. But this means somehow having to know the API key for every user.

I can log in to the Octopus application without specifying my API key, using the “sign in with your domain account” option. I’d like our app to work in the same way.

The documentation for the Octopus API points out that the Octopus app is built on the API, implying that everything the app can do can also be done via the API - but I can’t find a way to implement this feature. How does the Octopus app manage it?

Thanks in advance.

Michael_Richardson · 21 August 2015 02:36

Hi Alwyn,

Thanks for getting in touch.

This isn’t a scenario we have tested, but we believe it should be possible.

The trick is to hit the /integrated-challenge URL. This will cause an authentication cookie to be stored on the response.

e.g. (assuming you are using the .NET client)

var repo = new OctopusRepository(new OctopusServerEndpoint("[your url}"));
repo.Client.Get("/integrated-challenge");
// now authenticated

Please let me know if this works?

Regards,
Michael

Alwyn · 24 August 2015 10:57

Hi Michael

Yes I’m using the .Net client, and that solution seems to work perfectly.

Thanks very much for your help.