Daml Hub Service Account Login

The docs here https://hub.daml.com/docs/api#operation/saLogin don’t show a request sample. How should the body of the POST request look for this request?

Hi,

The requests should look like this:
curl -XPOST https://${ledgerId}.daml.app/.hub/v1/sa/login -u ${service-account-credential}
(where -u indicates Basic Auth, i.e. an Authorization: Basic ${base64 encoded credential} header)

The service account credential is of the form username:password, and can be copied from Hub in the ledger’s service accounts page.

Hey, thanks @Sammy_Abed! So for a user in Python, we’d have to add this Authorization: Basic ${base64 encoded credential} as a header? Do you happen to have an example in Python?

Also, I only ever got the service account username, never a password. How do I get that? Or are the credentials supplied on creation the password? If that’s the case, what is the username?

To get both the username and password, try using the Copy To Clipboard icon as only the username is visible in the text field.

For a Service Account there is no “Copy to Clipboard” icon?

Hi @arya,

To clarify:

  1. Upon creating a new Service Account for the first time, you are presented with a secret credential that is displayed once.
  2. At this time, you’ll see the credential ID and a “Copy to Clipboard” button which includes the entire credential, which is one string value formatted as cred-id:secret
  3. When making a request to the SA login endpoint, you’ll want to submit the header of the form Authorization: Basic ${base64(cred-id:secret)}
  4. Alternatively to (3), if your HTTP client has a helper method for Basic auth you may use cred-id and secret as username and password respectively. For example, with Python and requests:
import requests
response = requests.post('https://myapp.daml.app/.hub/v1/sa/login', auth=('cred-id', 'secret'))

Hope that helps!

Thanks @Alex_Matson! That is very helpful. Two things:

  1. When I copied the credential generated in step 2, it was in the form cred-<HASH> and not in the form <cred-id>:<secret>.
  2. What is cred-id here? Is it the label given to the service account during its creation?

Here’s a concrete example:

# complete credential (copied via the clipboard button)
cred-1822bb09-387e-443f-a0b2-6ac75bc3c167:OnB3i9CAOvKW42sy

# credential id
cred-1822bb09-387e-443f-a0b2-6ac75bc3c167

# secret
OnB3i9CAOvKW42sy

(The label you give it doesn’t factor in to any of this)
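
An added example, not part of the original posts and not Daml Hub's own code: it builds the Authorization: Basic header by hand from a copied cred-id:secret string and rejects a value that carries only the credential ID, the mix-up discussed in this thread. The function names and the HUB_LEDGER_ID and HUB_SA_CREDENTIAL environment variables are assumptions made for the example.

```python
import base64
import urllib.request

# Endpoint path as given in the thread; the ledger ID is supplied by the caller.
LOGIN_URL = "https://{ledger_id}.daml.app/.hub/v1/sa/login"


def split_credential(credential: str) -> tuple[str, str]:
    """Split a copied 'cred-id:secret' string into (cred_id, secret)."""
    credential = credential.strip()  # a pasted value may carry a trailing newline
    # Split on the first colon only, so a colon inside the secret would survive.
    cred_id, sep, secret = credential.partition(":")
    if not cred_id or not sep or not secret:
        # Typical cause: only the credential ID was pasted, without the secret.
        raise ValueError("expected 'cred-id:secret', got a value without both parts")
    return cred_id, secret


def basic_auth_header(credential: str) -> str:
    """Return the header value: 'Basic ' + base64('cred-id:secret')."""
    cred_id, secret = split_credential(credential)
    token = base64.b64encode(f"{cred_id}:{secret}".encode("utf-8"))
    return "Basic " + token.decode("ascii")


def build_login_request(ledger_id: str, credential: str) -> urllib.request.Request:
    """Build (but do not send) the POST to the service account login endpoint."""
    return urllib.request.Request(
        LOGIN_URL.format(ledger_id=ledger_id),
        method="POST",
        headers={"Authorization": basic_auth_header(credential)},
    )


if __name__ == "__main__":
    import os

    # Hypothetical variable names: keep the credential out of source code.
    request = build_login_request(
        os.environ["HUB_LEDGER_ID"], os.environ["HUB_SA_CREDENTIAL"]
    )
    with urllib.request.urlopen(request) as response:
        print(response.status)  # the secret itself is never printed
```
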

Oh, thank you! The cred-id was so long that the secret blended in and I missed it. My bad, thanks for the example!