ST2 Appliance Authentication

---

The default ST2 Integration Web GUI credentials are st2admin/extreme. REST (Representational State Transfer) API uses the ST2 API Key. Change the ST2 API Key and st2Admin password for security reasons.

REST API Authentication

• StackStorm (ST2) supports API keys. API keys differ from tokens in that they do not expire. This makes them suited for integrations with other applications like Webhooks.
• Webhook uses Basic Authentication with the API key.
• The API key deploys to the ExtremeCloud IQ Site Engine during post installation in the /usr/local/Extreme_Networks/NetSight/ST2Integration/config/.st2info.json file.
• API key management is currently available via the ST2 CLI or API. You can change it via the command: Sudo st2 apikey create -k -m '{"used_by": "my integration"}'
• Return Value: API_KEY_VALUE

NOTE:

Update the ExtremeCloud IQ Site Engine API key in the /usr/local/Extreme_Networks/NetSight/ST2Integration/config/.st2info.json file.

{

"ip" : "10.177.216.101",
"ST2-Api-Key": “API_KEY_VALUE”,
"xmc.ip": "10.177.215.124",
"xmc.user" : "root",
"xmc.password" : "emc12345"

}

Application API key is also can be created from the ExtremeCloud IQ Site Engine by the python code.

Related Commands

Create an authentication token before you issue any ST2 CLI commands:

1. Access Sudo st2 auth st2admin
2. Enter password: extreme
   
   Output:
   +----------+----------------------------------+
   | Property | Value |
| user | st2admin |
| token | ST2_TOKEN |
| expiry | 2017-12-01T21:14:11.496240Z |
   
   
3. Export it to ST2_AUTH_TOKEN:
export ST2_AUTH_TOKEN=ST2_TOKEN

For additional information, see https://docs.stackstorm.com/authentication.html.

Change ST2 Administrative User Password

Change the st2admin password after installation:

1. Enter the default password: Sudo htpasswd /etc/st2/htpasswd st2admin
2. Enter a new password.
3. Re-type your new password.

Regenerate Encrypted ExtremeCloud IQ Site Engine Password

ST2Integration supports ExtremeCloud IQ Site Engine Northbound REST API from ST2 action. The ExtremeCloud IQ Site Engine user password is encrypted and saved in the ST2 database during post installation. After you change the ExtremeCloud IQ Site Engine Northbound REST API password, use the following commands to update your encrypted password in the ST2 database:

1. To encrypt “xmckey," enter: st2 key set xmckey "xmc12345" --encrypt
2. To retrieve with encryption, enter: st2 key get xmckey
3. To retrieve without encryption, enter: st2 key get xmckey –decrypt
4. To delete “xmckey," enter: st2 key delete xmckey

After completing the authentication process, continue to Integrating ST2 in ExtremeCloud IQ Site Engine.

---

Related Information

For information on related help topics:

• ST2 Overview