Challenge

  • contacting a REST API via Invoke-Webrequest
  • reading username and password from the command line in a secure fashion
  • using that secure password in plain text for authentication

Let’s read username and password from the command line. The password is obscured by dots, and it’s also not in the shell history.

$Password now contains a secure string:

It needs to be converted to plain text to be usable for authentication.

Now, the username, a colon and the password need to be concatenated, converted to utf8 bytes and then base64 encoded. The resulting string can be used in the request’s HTTP header. In this case the API will return JSON data.

Now the API request can be made:

stackoverflow is always helpful 🙂