2 Replies Latest reply on Feb 23, 2016 1:03 PM by nickigraus

    Is it possible to use Windows Authentication with the Orion REST API?


      I am attempting to query the Orion REST API without having to provide an explicit username and password. Using the CSRestClient example from GitHub (OrionSDK/Samples/CSharp at master · solarwinds/OrionSDK · GitHub ) as as springboard, I have successfully interacted with the dashboard website programmatically using Windows Authentication (by setting the Credentials field of the WebRequestHandler to CredentialCache.DefaultNetworkCredentials). However, I am unable to do the same with the REST API, it simply gives me a 401 (Unauthorized).


      Is it possible to hit the REST API using Windows Authentication, and if so, how?

        • Re: Is it possible to use Windows Authentication with the Orion REST API?

          No, the REST API only supports Basic authentication at this time. You can provide a Windows username and password via Basic authentication, but Integrated Windows Authentication is not supported.


          If you don't want to prompt for a password (understandable), then you have two options:


          1. Use PowerShell. You can call into the powershell cmdlets from C#. Connect-Swis supports a "-Trusted" option that achieves integrated windows auth.

          2. Reverse engineer the web service calls the Orion website uses to make swis calls. This is not guaranteed to stick around from version to version as it is intended for SolarWinds internal use. However as long as you are willing to accept risk of breakage on upgrades (test in a lab before upgrading production!) this may do what you need. The easiest way to do this is to use the network tab on Chrome Dev Tools to observe the XHR requests as you use the website. I would start with the Manage Nodes page (/Orion/Nodes/Default.aspx).

          2 of 2 people found this helpful
          • Re: Is it possible to use Windows Authentication with the Orion REST API?

            You are already running an IIS.


            Setup a new web service on the IIS, using Windows Auth, wrapping the swis-API via pass-trough.

            You only need to add the hard coded swis auth to the wrapper itself.


            I would recommend to use c# for the wrapper.


            - custom error handling in your wrapper

            - if swis changes, you only need to amend your wrapper code


            - the swiss auth is hard coded - you would need to make your own audit log

            - if your server is compromised, your auth for swis will be as well