[help wanted]: API returns 401 Unauthorized — cannot obtain a valid token to automate password rotation from Rundeck #67
Description
Contact Details
No response
What is your question?
Summary
I’m trying to integrate OneTerm with Rundeck so that we can rotate SSH passwords automatically on our Linux VMs. All calls to the REST API keep failing with 401 Unauthorized, and the current documentation does not explain how to generate a working access-token for machine-to-machine use.
Expected behaviour
Obtain a bearer token (or any other credential) via an authentication endpoint.
Use that token in subsequent calls (e.g. PUT /api/oneterm/v1/account/1) to update the private key/password recorded in OneTerm.
Receive 200 OK or 204 No Content and see the credential updated in the vault.
Actual behaviour
Every request to protected endpoints returns 401 Unauthorized.
No public endpoint is documented for token generation; the UI token extracted from browser DevTools also fails when reused via curl / Postman.
Steps to reproduce
1 – trying a login (no endpoint documented)
curl -X POST https://oneterm.example.com/api/auth/login \
  -H "Content-Type: application/json" \
  -d '{"username":"myuser","password":"mypassword"}'
2 – trying to re-use token taken from the web UI
curl -X PUT https://oneterm.example.com/api/oneterm/v1/account/1 \
  -H "Authorization: Bearer eyJhbGciOiJI..." \
  -H "Content-Type: application/json" \
  -d '{"name":"usr_bradsvc","account_type":2,"account":"usr_bradsvc","phrase":"","pk":""}'
→ always returns 401
What we need
Clarification on the supported authentication flow for headless/API clients.
A documented endpoint (or CLI method) to obtain a valid token that the API will accept.
Any required scopes/headers that must accompany that token.
Version
newest