Werk #16222: Automationuser login must not open full session

Component Setup
Title Automationuser login must not open full session
Date Nov 19, 2023
Checkmk Edition Checkmk Raw (CRE)
Checkmk Version 2.2.0p16 2.3.0b1
Level Trivial Change
Class Bug Fix
Compatibility Incompatible - Manual interaction might be required

Checkmk offers a method to authenticate single web requests with URL parameters (_username and _secret).

Due to some refactoring of the session handling with Checkmk 2.2 such automation requests initiated a full session.

The login for automation users was still blocked in the login screen but an authenticated request initiated a full session that could than be used to browse the Checkmk GUI like a regular user.

With this Werk that is no longer the case.

If you use this authentication method you should check if you rely on sessions for your automation users.

To the list of all Werks