Developer

last person joined: yesterday 

Expand all | Collapse all

obtain Aruba ClearPass access token

Jump to Best Answer
  • 1.  obtain Aruba ClearPass access token

    Posted Dec 11, 2019 04:28 AM

    I would like to access the Aruba ClearPass REST API. The administrator granted me access to ClearPass with an account using

    myUsername

    as the username and 

    myPW

    as the password. First I created an API client, these are my settings:

    tetTZ

     

    Next I want to obtain an access token, so I pass in my credentials

    TTAUt

     

    Unfortunately I get a 401 response

     

    {
      "type": "http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html",
      "title": "invalid_grant",
      "status": 401,
      "detail": "Invalid username and password combination"
    }

    I also tried to use Postman for testing purposes. I call a POST with the url 

     

    https://clearpass.myCompany.de:443/api/oauth

    but instantly get this response

    6J7JI

    What am I missing or what might be wrong? Thanks in advance


    [1]: https://i.stack.imgur.com/tetTZ.png
    [2]: https://i.stack.imgur.com/TTAUt.png
    [3]: https://i.stack.imgur.com/6J7JI.png



  • 2.  RE: obtain Aruba ClearPass access token
    Best Answer

    Posted Dec 11, 2019 04:57 AM

    Hi,

     

    Do you have a Oauth2 service ?

     

    With a token it is working ?



  • 3.  RE: obtain Aruba ClearPass access token

    Posted Dec 11, 2019 05:18 PM

    Hi,

     

    Which version of ClearPass are you using?

     

    You would have auto generated client secret while creating the API client. Or if you API client has already been created, you would have option to generate client secret while editing the existing API client. 

     

    Once you have the client id and client secret, you would be able to generate a token. Refer the python script in Aruba's Official GitHub Repo which does that.

    https://github.com/aruba/clearpass-api-python-snippets

     

        url = "https://<clearpass_fqdn>/api/oauth"
        headers = {'Content-Type':'application/json'}
    # grant_type: password payload = {
    'grant_type':<oauth_grant_type>,
    'username':<oauth_username>,
    'password':<oauth_password>,
    'client_id':<oauth_client_id>,
    'client_secret':<oauth_client_secret>
    }


  • 4.  RE: obtain Aruba ClearPass access token

    Posted Dec 12, 2019 04:01 AM

    Your logs indicate that the username & password are not accepted. Do you see the authentication for the username that you used in Access Tracker?

     

    Here is the service that I have in my deployment for the REST user authentication:

    Screen Shot 2019-12-12 at 09.54.24.png

    Please make sure you see the authentication coming in in Access Tracker, match on the right service, and return an Application Accept.