Seq API: Authenticating using Integrated Security?

Question

Without authentication enabled on my Seq instance, I'm perfectly able to work with it from powershell, that is, the following just works:

Invoke-RestMethod "https://myseqinstance/api/dashboards?shared"

However, now that I've enabled Active Directory authentication and added a login for myself, I can still access the Seq UI, but calling the API fails.

Invoke-RestMethod "https://myseqinstance/api/dashboards?shared" -UseDefaultCredentials

This now produces an HTTP 401 - Unauthorized error.

I figured that I might need to login, so I've tried a HTTP GET and POST of the following

# Produces HTTP 403
Invoke-RestMethod "https://myseqinstance/api/users/login" -UseDefaultCredentials
# Produces HTTP 400
Invoke-RestMethod -Method Post "https://myseqinstance/api/users/login" -UseDefaultCredentials

So neither works, even though integrated security should be possible... How can I authenticate against the Seq API using integrated security?

Answer 1

The trick here is to use an API key - you can do this in the Seq UI by clicking on your username and selecting "API keys".

On the command-line, the API key token can be passed in a header:

$headers = @{
    'X-Seq-ApiKey' = '<token>'
}
Invoke-RestMethod -Uri "https://myseqinstance/api/dashboards?shared" -Method Get -Headers $headers

Its usually much more convenient to use the seqcli command-line client, if the commands you need are in there. If not, Seq.Api (a client library in C#) covers the complete API and makes a lot of automation tasks easier.