Question

REST API to login to command center

3 days ago
March 21, 2025
3 replies
19 views

Yuggyuy
Byte
27 replies

Has anyone used apis to login to the command center?

I think my code below works for login, but doesn’t work for logout.

I’ve redacted specific details.

Eventually I want it to login, create a credential in the vault and logout but I’m also having issues removing httponly from the session.

curl -k -L -v -X POST "https://myserver/commandcenter/api/Login" -H "Content-Type: application/x-www-form-urlencoded" -H "Accept: application/json" --data-urlencode "username=xxx" --data-urlencode "password=xxx" -c "E:\automation\cookie.txt"

echo logout

curl -k -L -v "https://myserver/commandcenter/api/Logout" -b "E:\automation\cookie.txt" -c "E:\automation\cookie2.txt" -H "Content-Length: 15" -H "Content-Type: text/plain; charset=utf-8"

Can anyone advise?

Thanks.

This is the output of the logout command:

* Connected to myserver (::1) port 443

* schannel: disabled automatic use of client certificate
* ALPN: curl offers http/1.1
* ALPN: server did not agree on a protocol. Uses default.
* using HTTP/1.x
> GET /commandcenter/api/Logout HTTP/1.1
> Host: my server
> User-Agent: curl/8.9.1
> Accept: */*
> Cookie: JSESSIONID=A0A9471D67AFB7C72DB4BBCCF87D1045
> Content-Length: 15
> Content-Type: text/plain; charset=utf-8
>
* Request completely sent off
< HTTP/1.1 408
< Strict-Transport-Security: max-age=31536000;includeSubDomains
< X-Content-Type-Options: nosniff
< X-XSS-Protection: 1; mode=block
< X-Frame-Options: SAMEORIGIN
< Content-Security-Policy: default-src 'self' https:; script-src 'self' 'unsafe-eval' 'nonce--7ipy0jue34nv' https://code.highcharts.com https://www.googletagmanager.com ; img-src 'self' https://flagcdn.com blob: data: https://*.mapbox.com/ https://*.gstatic.com ; connect-src 'self' https://ipapi.co/ https://*.mapbox.com/ https://git.commvault.com https://api-engineer.azurewebsites.net/ https://edit.commvault.com:11316 http://deployer.commvault.com:8888/ https://deployer.commvault.com:8888/ https://www.google-analytics.com/ ; object-src 'none' ; worker-src 'self' blob: ; child-src 'self' blob: data: https://export.highcharts.com https://www.youtube.com/ https://*.vimeo.com/ ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://stackpath.bootstrapcdn.com; base-uri 'self' ; font-src 'self' data: https://fonts.gstatic.com ; upgrade-insecure-requests; report-uri https:///commandcenter/consoleError.do;
< Permissions-Policy: accelerometer=(); geolocation=(); gyroscope=(); microphone=(); payment=();
< X-UA-Compatible: IE=Edge,chrome=1
< Referrer-Policy: strict-origin-when-cross-origin
< vary: accept-encoding
< Content-Type: text/html;charset=UTF-8
< Content-Length: 1640
< Date: Fri, 21 Mar 2025 11:02:21 GMT
< Connection: close
< Server:
<
<!DOCTYPE html>
<html lang="en">
<head>
<meta http-equiv="Content-Security-Policy" content="default-src 'self'; style-src 'self' 'unsafe-inline';">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link rel="icon" type="image/x-icon" href="cloudFav.png" />
<title>Error page</title>
<style>

body {
padding-top: 120px;
margin-left: auto;
margin-right: auto;
color: #2e4f66;
text-align: center;
font-family: Helvetica,Arial,sans-serif;
}

img {
display: block;
max-width: 100%;
height: auto;
margin-left: auto;
margin-right: auto;
}

h1, h2, p {
margin: 0;
padding: 0;
font-weight: normal;
}

h1 {
margin-top: 18px;
margin-bottom: -12px;
font-size: 72px;
}

h2 {
font-size: 24px;
}

p {
margin-top: 29px;
font-size: 21px;
margin-left: auto;
margin-right: auto;
}

</style>
</head>
<body>
<img src="/gears.png" alt="Error" />
<h1>An error has occurred.</h1>
<p>We're sorry, but something prevented us from completing your request.</p>
</body>

Yuggyuy
Author
Byte
27 replies
3 days ago
March 21, 2025

I figured it, the password needs to be base64 encoded.

+18

Scott Moseman
Vaulter
502 replies
2 days ago
March 21, 2025

You can use Access Tokens and not worry about the Login API query.

https://documentation.commvault.com/2024e/essential/access_tokens_for_rest_apis.html

Thanks,
Scott

Commvault Enterprise Success

Yuggyuy
Author
Byte
27 replies
21 minutes ago
March 24, 2025

This will be programatically run with the token created when the curl is run, not before. It’s a script run by an automated process so we don’t really want manual tasks.

This works:

curl --ssl-no-revoke -k -X POST "https://mwserver:443/webconsole/api/Login" -H "Accept: application/json" -H "Content-Type: application/json" -d "{ \"username\": \"uname\", \"password\": \"pword\" }" > e:\automation\auth_resp.txt

I can save the enitre output to a file which gives me the below but I’m struggling to either extract the token from the file or make the curl save just the token.

{ "aliasName":"573","userGUID":"D72B6538-DA6F-4A4E-8551-9D1043D447BD","loginAttempts":0,"remainingLockTime":0,"smtpAddress":"dl-itservice-backupandrecovery@cbs.coventrybuildingsociety.co.uk","userName":"cv-credcreator","providerType":1,"ccn":0,"token":"QSDK 3efb5dc752a66ec10735862710a7fc0aa78084f38da67e5a73aa434784bcb307077baddb5251434fc359d468e27813b9138ce528ff1633a87cf031c95e38ff05290bac98cfa93c304827a038f936709b9d089449733cc1e868d135f40b139da6d14ee645a1189f4099fe5139fd478c322205e987b8be197f992ea665087ba324175b1f7eefc2f25cd98734a61e2933d2df2311260fc6cfd2078b5f4242dcb911d1384cd07b7c553b11158da15ac4afc4b3b36a6339165d7da52c2126dc9468c40a13dada209c93b6d0523702598af0ea72cd63499594a5510045472b4e9ff7fc4bc4665038cba34bc","capability":1073741824,"forcePasswordChange":false,"isAccountLocked":false,"ownerOrganization":{ "GUID":"866a61cb-b29e-451c-b5a4-28eba0d9445b","providerId":0,"providerDomainName":"Commcell" },"additionalResp":{ "nameValues":[ { "name":"USERNAME","value":"cv-credcreator" },{ "name":"autoLoginType" },{ "name":"fullName","value":"Cred Creator" } ] },"providerOrganization":{ "GUID":"866a61cb-b29e-451c-b5a4-28eba0d9445b","providerId":0,"providerDomainName":"Commcell" },"errList":[ ],"company":{ "providerId":0,"providerDomainName":"Commcell" } }

Reply

Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

Cookie settings

We use 3 different kinds of cookies. You can choose which cookies you want to accept. We need basic cookies to make this site work, therefore these are the minimum you can select. Learn more about our cookies.

Basic
Functional

Normal
Functional + analytics

Complete
Functional + analytics + social media + embedded videos

Reply

Related topics

Problem with Python Script for Commvault API Accessicon

API to launch VM backup jobicon

Use API Key for REST API authentication?icon

Issues connecting to api explorericon

FAQ - MFA enforcement for Commvault Cloud SaaS

Most helpful members this week

Sign up

Login to the community

Scanning file for viruses.

This file cannot be downloaded

Cookie policy

Cookie settings