Solved: Do we have option to disable authentication for jsonRPC only

pradc · ‎02-04-2020

Hi Experts,

We are planning to use NGINX and our own user management service but we want to use jsonRPC as an internal service.

Do we have any option to disable authentication for jsonRPC only?

Can we use /ncs-config/aaa/external-validation for jsonRPC?

Thanks,

Pradeep

perander · ‎03-03-2020

The closest disabling of authentication for JSON-RPC is to enable

/ncs-config/aaa/external-authentication and make it authenticate every request.

This doesn't fully disable JSON-RPC authentication though, because the

session cookie is still needed for all methods; i.e. in order to do anything a

a login is necessary. This login could have bogus input though, since the external

auth program would allow every request.

The external token authentication, i.e. /ncs-config/aaa/external-validation and the

X-Auth-Token header, doesn't work with JSON-RPC at all.

perander · ‎03-03-2020