I am using python 3 to login via the Aruba Central API and then try to retrieve an authorization token.
I am getting the error CSRF token missing or incorrect.
The requests library is using a session manager which automatically passes the csrftoken and session cookies to the next request being made, but they are not being accepted even though they are being directly generated from the previous request.
Things i double checked:
- both requests are using the same client_id
- the hostname for the api endpoint works correctly for the first api request, so it should work for the second
The best documentation I could find on making these requests was a PDF found from a google search.
https://help.central.arubanetworks.com/2.4.7/documentation/online_help/content/pdfs/central/aruba_central_api_gateway_automation_guide.pdf
import requests, json, pprint
session = requests.Session()
url = "https://apigw-prod2.central.arubanetworks.com/oauth2/authorize/central/api/login"
querystring = {"client_id":"REMOVED"}
payload = {"username":"REMOVED", "password" : "REMOVED"}
response = session.post(url, json=payload, params=querystring)
print('response cookies', response.cookies)
url = "https://apigw-prod2.central.arubanetworks.com/oauth2/authorize/central/api"
querystring = {"client_id":"REMOVED","response_type":"code","scope":"read"}
response = session.post(url, params=querystring)
print('request headers sent', response.request.headers)
pprint.pprint(json.loads(response.text))
How can I get this to work?