Skip to main content
Splunk Lantern

Ticket-based API authentication

Authentication for an API defines who has permission to access secure data or endpoints. This is especially important for APIs sharing sensitive information, APIs that allow end users to make changes, or for companies that charge some cost for accessing data via API.

Ticket-based authentication is ideal for any scenario where you’re protecting sensitive information, allowing an API to create objects or make changes or if you’re charging some cost for use of your API. 

Procedure

In order to effectively monitor an API that uses ticket-based authentication, you must be able to complete multiple steps and save the ticket or token in a variable that can be reused in future steps.

You can make a request with a username and password and some type of specification in the header, then retrieve a token from the system, save that token as a variable and then make another request to an endpoint with that token as a header.

Next steps

You might be interested in other processes associated with the Monitoring API transactions use case.