Authorization Token for accessing the Foreman API

I have worked with many IT systems and some of them (for ex: Rundeck) have a very cool feature of generating an API Authorization Token for a specific user. Afterwards, this user, can send REST API requests, for example with curl by using this Authorization Token. The token has an expiration time and needs to be renewed periodically.

At the moment, I am aware of 2 ways of accessing the API:

  • username/password
  • –header ‘Authorization: Basic <base64_encoded_username_and_password>’

Both of these, in my opinion, are insecure to be put in scripts.

I don’t think this Authorization Token feature is patented in any way because I think it’s a standard concept used in various IT systems.

Is there some initiative to integrate something like this in Foreman ?

Foreman and Proxy versions: 1.15

If you upgrade, you have Personal Access Tokens. Perhaps these suit your use case? It does look like the documentation is very limited.

Yeah, unfortunately Personal Access Tokens also don’t have a UI, yet. But you can create them via hammer or the API.
You can use the PAT like a password.

Oh, I didn’t know this existed.

Okay, I’ll check what is possible with those tokens.

Old topic, but is there any progress on creating PAT from the UI?