Forum Discussion

rodolfosalgado_'s avatar
rodolfosalgado_
Icon for Altostratus rankAltostratus
Jul 22, 2016

How BIG-IP Token/Authentication works ?

I'm unable to find anywhere here/documentation/articles anyone that could explain a little bit better the authentication token when you get the response from the Rest. I'm sending the POST to the R...
devops
iControlREST
security
StephanManthey's avatar
StephanManthey
Icon for MVP rankMVP
Sep 22, 2017

In case you want to use BIG-IQ as REST proxy you are forced to use a token.

Please see Ask F5 article "K04452074: Overview of using the BIG-IQ system authentication token". The token timeout of 300 seconds is hard coded.

A token can be requested via REST as shown below.

An object is returned containing a key named "token".

The value of token is another object containing the token key and value and other elements.

To filter the token string the following syntax might be used on shell: 
curl -sk -X POST -H "Content-Type: application/json" -d '{"username":"", "password":""}' "https:///mgmt/shared/authn/login" | \
grep -oP '(?<="token":)\{("[^"]*":\s*("[^"]*"|[^",]*|\{[^}]*\}|\[[^]]*\]),?)*\}' | grep -oP '(?<="token":")[^"]*'
  • Andre_Nurwono's avatar
    Andre_Nurwono
    Icon for Employee rankEmployee
    Mar 15, 2024
    IPADDR='127.0.0.1'; \
TOKEN=`curl -sku admin:admin https://$IPADDR/mgmt/shared/authn/login -X POST -H "Content-Type: application/json" -d '{"username":"admin", "password":"admin", "loginProviderName":"tmos"}' | jq -r '.token.token'` ; \
curl --trace-time -vvv -sk -X GET https://$IPADDR/mgmt/shared/identified-devices/config/device-info -H "X-F5-Auth-Token: $TOKEN";

    I love the filter!
    There's also the jq util which can parse json.  This example then reuses it in a subsequent call.