Problem:
I have worked with many IT systems and some of them (for ex: Rundeck) have a very cool feature of generating an API Authorization Token for a specific user. Afterwards, this user, can send REST API requests, for example with curl by using this Authorization Token. The token has an expiration time and needs to be renewed periodically.
At the moment, I am aware of 2 ways of accessing the API:
- username/password
- –header ‘Authorization: Basic <base64_encoded_username_and_password>’
Both of these, in my opinion, are insecure to be put in scripts.
I don’t think this Authorization Token feature is patented in any way because I think it’s a standard concept used in various IT systems.
Is there some initiative to integrate something like this in Foreman ?
Foreman and Proxy versions: 1.15