Werk #16223: Deprecate automation user login via HTTP parameters

Komponente Setup
Titel Deprecate automation user login via HTTP parameters
Datum 19.11.2023
Checkmk Edition Checkmk Raw (CRE)
Checkmk-Version 2.3.0b1
Level Kleine Änderung
Klasse Neues Feature
Kompatibilität Kompatibel - benötigt kein manuelles Eingreifen

Checkmk offers a method to authenticate individual requests with the _username/_secret parameter. This also works for GET requests and was used for the Webapi (removed in 2.2).

Having secrets in GET parameters is considered bad practice since these parameters are usually logged by webservers and web proxies.

With this Werk we deprecate this authentication method. This means we now introduced a configuration option Enable automation user authentication via HTTP parameters to enable/disable this method. By default it is enabled to not interrupt existing workflows. In Checkmk 2.4 we will disable this by default so it will still be possible to enable this. In Checkmk 2.5 this method will be removed entirely.

If you currently use this method we recommend to switch to Basic Authentication.

Zur Liste aller Werks