netbox-community-netbox/docs/rest-api/authentication.md

# REST API Authentication

The NetBox REST API primarily employs token-based authentication. For convenience, cookie-based authentication can also be used when navigating the browsable API.

{!models/users/token.md!}

## Authenticating to the API

An authentication token is attached to a request by setting the `Authorization` header to the string `Token` followed by a space and the user's token:

```
$ curl -H "Authorization: Token $TOKEN" \
-H "Accept: application/json; indent=4" \
https://netbox/api/dcim/sites/
{
    "count": 10,
    "next": null,
    "previous": null,
    "results": [...]
}
```

A token is not required for read-only operations which have been exempted from permissions enforcement (using the [`EXEMPT_VIEW_PERMISSIONS`](../configuration/optional-settings.md#exempt_view_permissions) configuration parameter). However, if a token _is_ required but not present in a request, the API will return a 403 (Forbidden) response:

```
$ curl https://netbox/api/dcim/sites/
{
    "detail": "Authentication credentials were not provided."
}
```

## Initial Token Provisioning

Ideally, each user should provision his or her own REST API token(s) via the web UI. However, you may encounter where a token must be created by a user via the REST API itself. NetBox provides a special endpoint to provision tokens using a valid username and password combination.

To provision a token via the REST API, make a `POST` request to the `/api/users/tokens/provision/` endpoint:

```
$ curl -X POST \
-H "Content-Type: application/json" \
-H "Accept: application/json; indent=4" \
https://netbox/api/users/tokens/provision/ \
--data '{
    "username": "hankhill",
    "password": "I<3C3H8",
}'
```

Note that we are _not_ passing an existing REST API token with this request. If the supplied credentials are valid, a new REST API token will be automatically created for the user. Note that the key will be automatically generated, and write ability will be enabled.

```json
{
    "id": 6,
    "url": "https://netbox/api/users/tokens/6/",
    "display": "3c9cb9 (hankhill)",
    "user": {
        "id": 2,
        "url": "https://netbox/api/users/users/2/",
        "display": "hankhill",
        "username": "hankhill"
    },
    "created": "2021-06-11T20:09:13.339367Z",
    "expires": null,
    "key": "9fc9b897abec9ada2da6aec9dbc34596293c9cb9",
    "write_enabled": true,
    "description": ""
}
```
Started refreshing REST API documentation 2020-08-04 17:07:45 -04:00			`# REST API Authentication`

			`The NetBox REST API primarily employs token-based authentication. For convenience, cookie-based authentication can also be used when navigating the browsable API.`

Clean up documentation build warnings 2021-09-15 11:46:58 -04:00			`{!models/users/token.md!}`
Started refreshing REST API documentation 2020-08-04 17:07:45 -04:00
			`## Authenticating to the API`

			An authentication token is attached to a request by setting the `Authorization` header to the string `Token` followed by a space and the user's token:

			```
Standardize API requests 2020-08-05 14:04:35 -04:00			`$ curl -H "Authorization: Token $TOKEN" \`
Started refreshing REST API documentation 2020-08-04 17:07:45 -04:00			`-H "Accept: application/json; indent=4" \`
Docs and release notes for #5264 2021-06-11 16:12:25 -04:00			`https://netbox/api/dcim/sites/`
Started refreshing REST API documentation 2020-08-04 17:07:45 -04:00			`{`
			`"count": 10,`
			`"next": null,`
			`"previous": null,`
			`"results": [...]`
			`}`
			```

Use relative links that work locally and in production At present, a mix of link types are used in the Netbox documentation from markdown file links to relative and absolute anchor links. Of the three types, linking to markdown files is the most ideal because it allows navigation locally on disk, as well as being translated into working links at render time. While not obvious, mkdocs handles converting markdown links to valid URLs. Signed-Off-by: Marcus Crane <marcu.crane@daimler.com> 2021-03-18 19:39:03 +13:00			A token is not required for read-only operations which have been exempted from permissions enforcement (using the [`EXEMPT_VIEW_PERMISSIONS`](../configuration/optional-settings.md#exempt_view_permissions) configuration parameter). However, if a token _is_ required but not present in a request, the API will return a 403 (Forbidden) response:
Started refreshing REST API documentation 2020-08-04 17:07:45 -04:00
			```
Docs and release notes for #5264 2021-06-11 16:12:25 -04:00			`$ curl https://netbox/api/dcim/sites/`
Started refreshing REST API documentation 2020-08-04 17:07:45 -04:00			`{`
			`"detail": "Authentication credentials were not provided."`
			`}`
			```
Docs and release notes for #5264 2021-06-11 16:12:25 -04:00
			`## Initial Token Provisioning`

			`Ideally, each user should provision his or her own REST API token(s) via the web UI. However, you may encounter where a token must be created by a user via the REST API itself. NetBox provides a special endpoint to provision tokens using a valid username and password combination.`

			To provision a token via the REST API, make a `POST` request to the `/api/users/tokens/provision/` endpoint:

			```
			`$ curl -X POST \`
			`-H "Content-Type: application/json" \`
			`-H "Accept: application/json; indent=4" \`
Fixes #6901: Correct example REST API request 2021-08-06 08:39:57 -04:00			`https://netbox/api/users/tokens/provision/ \`
			`--data '{`
Docs and release notes for #5264 2021-06-11 16:12:25 -04:00			`"username": "hankhill",`
Small syntax error No double quotes after password. 2021-12-31 11:25:12 +01:00			`"password": "I<3C3H8",`
Fixes #6901: Correct example REST API request 2021-08-06 08:39:57 -04:00			`}'`
Docs and release notes for #5264 2021-06-11 16:12:25 -04:00			```

			`Note that we are _not_ passing an existing REST API token with this request. If the supplied credentials are valid, a new REST API token will be automatically created for the user. Note that the key will be automatically generated, and write ability will be enabled.`

			```json
			`{`
			`"id": 6,`
			`"url": "https://netbox/api/users/tokens/6/",`
			`"display": "3c9cb9 (hankhill)",`
			`"user": {`
			`"id": 2,`
			`"url": "https://netbox/api/users/users/2/",`
			`"display": "hankhill",`
			`"username": "hankhill"`
			`},`
			`"created": "2021-06-11T20:09:13.339367Z",`
			`"expires": null,`
			`"key": "9fc9b897abec9ada2da6aec9dbc34596293c9cb9",`
			`"write_enabled": true,`
			`"description": ""`
			`}`
			```