Is there a reason you need to or want to use code to obtain/generate a token vs creating one via the Graylog Web Interface?
Currently this is the only supported way of obtaining tokens.
However, to answer your question:
Graylog stores access tokens in its MongoDB instance in the access_tokens collection; however, the token is encrypted with the Graylog cluster’s password_secret.
I developed a web application interacting with SIEM data. The data retrieval is all based on API requests, which allows it to be easily adapted according to the SIEM it is embedded in.
The objective was to integrate the web application in an iframe loaded from a simple webui Graylog plugin.
Up to Graylog 4.2.x (or 4.3.x, I don’t remember the exact version) the web application retrieved the user access token through localstorage.
But an update from 4.[2|3].x set the httpFlagOnly to true for this token stored in localstorage, which prevents the web application from retrieving the token.
This prevents me from using Graylog’s authentication system transparently. Setting a service token for the web application is not an option, as a service token would prevent the traceability of all users’ requests.
@drewmiranda-gl Concerning Graylog’s plugins, do you know if it is possible to store configuration information?
The solution I see would be for the user to generate their own token from the GUI and record it themselves in a configuration field which would be readable by the plugin.
Do plugins in Graylog support this kind of process? I see no mention of customizable configuration data in the documentation.