topic Re: Do we have option to disable authentication for jsonRPC only in NSO Developer Hub Discussions

Do we have option to disable authentication for jsonRPC only

pradc — Tue, 04 Feb 2020 18:22:01 GMT

Hi Experts,

We are planning to use NGINX and our own user management service but we want to use jsonRPC as an internal service.

Do we have any option to disable authentication for jsonRPC only?

Can we use /ncs-config/aaa/external-validation for jsonRPC?

Thanks,

Pradeep

perander — Tue, 03 Mar 2020 12:57:50 GMT

The closest disabling of authentication for JSON-RPC is to enable

/ncs-config/aaa/external-authentication and make it authenticate every request.

This doesn't fully disable JSON-RPC authentication though, because the

session cookie is still needed for all methods; i.e. in order to do anything a

a login is necessary. This login could have bogus input though, since the external

auth program would allow every request.

The external token authentication, i.e. /ncs-config/aaa/external-validation and the

X-Auth-Token header, doesn't work with JSON-RPC at all.

perander — Tue, 03 Mar 2020 13:08:22 GMT

To clarify, this is how external authentication works. It is called when the json-rpc login method is invoked.