API Script Command: login
When generating any BeyondTrust Console Script, the login command is automatically added as the first command in the script file. It does not need to be specified in the URL used to generate the script file.
By default, this command opens the access console and attempts to log in using the credentials saved locally in the access console. If no credentials are saved, the command opens the access console login prompt. Once the user has correctly authenticated, the script continues running.
The login command has no effect if a user is already logged into the access console.
If you wish to specify the credentials to be used, you can create a separate script specifically to be used for logging in. The login command passes the login mechanism along with a username and password. Both username and password parameters are sent in plain text and is unencrypted.
You cannot specify multiple commands in the URL used to generate a script. For example, you cannot specify login and multiple start_jump_item_session commands in the same URL. Each command must be generated as a separate script.
However, a skilled developer may edit the .brcs script file once it has been generated in order to modify the login credentials and then run another command. BeyondTrust does not support scripts modified in this manner.
Optional Parameters for login Command
|mechanism=[string]||The mechanism to use for authentication. Currently, only username_password is supported. If this parameter is supplied, both other parameters must also be supplied.|
|username=[string]||The username of the account with which to log in. If this parameter is supplied, both other parameters must also be supplied.|
|password=[string]||The password of the account with which to log in. If this parameter is supplied, both other parameters must also be supplied.|
Query Examples: login
|Log into the access console, specifying the username and password||https://access.example.com/api/client_script?type=rep&operation=generate&