02-04-2020 10:21 AM - edited 02-04-2020 10:22 AM
Hi Experts,
We are planning to use NGINX and our own user management service but we want to use jsonRPC as an internal service.
Do we have any option to disable authentication for jsonRPC only?
Can we use /ncs-config/aaa/external-validation for jsonRPC?
Thanks,
Pradeep
Solved! Go to Solution.
03-03-2020 04:57 AM
The closest disabling of authentication for JSON-RPC is to enable
/ncs-config/aaa/external-authentication and make it authenticate every request.
This doesn't fully disable JSON-RPC authentication though, because the
session cookie is still needed for all methods; i.e. in order to do anything a
a login is necessary. This login could have bogus input though, since the external
auth program would allow every request.
The external token authentication, i.e. /ncs-config/aaa/external-validation and the
X-Auth-Token header, doesn't work with JSON-RPC at all.
03-03-2020 04:57 AM
The closest disabling of authentication for JSON-RPC is to enable
/ncs-config/aaa/external-authentication and make it authenticate every request.
This doesn't fully disable JSON-RPC authentication though, because the
session cookie is still needed for all methods; i.e. in order to do anything a
a login is necessary. This login could have bogus input though, since the external
auth program would allow every request.
The external token authentication, i.e. /ncs-config/aaa/external-validation and the
X-Auth-Token header, doesn't work with JSON-RPC at all.
03-03-2020 05:08 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide