• Recent
  • Unsolved
  • Tags
  • Popular
  • Users
  • Groups
  • Search
  • Register
  • Login
  • Recent
  • Unsolved
  • Tags
  • Popular
  • Users
  • Groups
  • Search
  • Register
  • Login

FOG API question

Scheduled Pinned Locked Moved Unsolved
FOG Problems
1
2
109
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • J
    Jamaal
    last edited by Apr 6, 2025, 1:51 AM

    Hello @JJ-Fullmer , hope all is well.
    First of all, thanks for creating that Powershell module for FOG to be used via Powershell.
    I have a question in regards to the script I’ve been using for a while. In it has the API for both the user and the FOG server.

    I want to be more secure in the sense of not putting the API in the script. I tried Microsoft’s module Secret Management and I can store both api keys under 2 different secrets. Here is the link from Microsoft: https://learn.microsoft.com/en-us/powershell/utility-modules/secretmanagement/get-started/using-secretstore?view=ps-modules

    But when I try to retrieve the secrets, I get the 403 forbidden message.

    Powershell variables for the both api keys for example: f8dcc28c-aef3-45c7-a765-1719c30df353-image.png

    Error message: 3cce1c57-e18b-4b3b-965b-aed75980c21c-image.png

    It will only work if I add -asplaintext for example:

    94f64f07-9835-4fac-8265-cda63d9de679-image.png

    It won’t take the System.Security.SecureString

    I double checked to make sure I’m using the correct fog and user api keys, but no dice.
    Is there a way to secure these API keys instead of putting them directly in the Powershell script and also not doing the command -asplaintext?

    If anyone has suggestions, please let me know.

    1 Reply Last reply Reply Quote 0
    • J
      Jamaal
      last edited by Apr 6, 2025, 11:23 PM

      Ok,

      I finally figured this out. I know it’s not the best method, but I prefer this than having the wording “plain text” Here’s what I did in case someone needs to do the same.

      I read that API tokens do not go well as a securestring. Here are some references:
      https://jamesone111.wordpress.com/2020/04/10/transformers-for-powershell-parameters-which-take-secrets/, and https://github.com/Azure/azure-powershell/issues/25533.

      So in order to get past this, I needed to create another variable as show below:

      • $testapi1 = [pscredential]::new(“token”,$yourtoken)

      You’re basically adding the pscredential above like you’re going to setup a username, but you put something like “token” or any wording as a placeholder for the username, then put the token in.

      • Then after you define the header you do something like this: $testheader.add(fog-user-token’,$testapi1.GetNetworkCredential().password)

      Again it’s not the best method, but I also read a way when you do read-host -aseecurestring and save your api there as a variable, you can dispose that variable so it doesn’t stay in memory.

      $test.disposeof

      If someone has any better ideas, please let me know as I’m always on here learning new things and want to share as well. This basically can be closed out.

      1 Reply Last reply Reply Quote 0
      • 1 / 1
      1 / 1
      • First post
        1/2
        Last post

      241

      Online

      12.1k

      Users

      17.3k

      Topics

      155.3k

      Posts
      Copyright © 2012-2024 FOG Project