Generating an Access Token using a Domain Account returns 'NULL'
Article ID: 391289
Updated On:
Products
Issue/Introduction
When trying to generate an Access Token in Aria Automation using a Domain Account it is returning with NULL.
curl -X POST -k "https://$hostname/csp/gateway/am/api/login?access_token" -H 'Content-Type: application/json' -H 'Accept: application/json' -d '{ "username": "'$username'", "password": "'$password'" }' | jq -r .refresh_token
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 298 100 264 100 34 10595 1364 --:--:-- --:--:-- --:--:-- 12416
nullEnvironment
Active Directory over LDAP or Active Directory (Integrated Windows Authentication)
Cause
This is due to the domain not been specified in the CURL command. Aria Automation is expecting this input.
Resolution
As per KB - https://knowledge.broadcom.com/external/article/346005/generate-an-access-token-and-bearer-toke.html
We can set the variables first to allow them to be reused. Making sure the username is in the same format if that is what is configured in vIDM Directory Search Attribute for example UserPrincipleName is configured below. This can also be sAMAccountName.
hostname='[email protected]'
username='[email protected]'
password='your_password'
domain='domain.example'
api_token=$(curl -k -X POST "https://$hostname/csp/gateway/am/api/login?access_token" -H 'Content-Type: application/json' -H 'Accept: application/json' -d '{ "username": "'$username'", "password": "'$password'", "domain":"'$domain'" }' | jq -r .refresh_token)
echo "api_token: $api_token"
We can check the Directory Search Attribute in vIDM in the Administration Portal under Identity & Access Management - Directories - Selecting your Directory Name
We can then get our Bearer Token
bearer_token=$(curl -k -X POST https://$hostname/iaas/api/login -H "Accept: application/json" -H 'Content-Type: application/json' --data '{"refreshToken":"'"$api_token"'"}' | jq -r .token )
echo "bearer_token: $bearer_token"Feedback
