Authentication
API Authentication¶
Authentication methods for TrikuSec API.
License Key Authentication¶
Lynis endpoints use license key authentication via form data.
Upload Endpoint¶
curl -X POST https://yourserver:8001/api/lynis/upload/ \
-F "licensekey=your-license-key" \
-F "hostid=server-01" \
-F "data=..."
License Check Endpoint¶
Security Best Practices¶
- Use HTTPS - Always use HTTPS in production
- Protect License Keys - Never expose license keys in logs or version control
- Rotate Keys - Regularly rotate license keys
- Rate Limiting - Be aware of rate limits on API endpoints
Troubleshooting¶
Invalid License Key¶
If you get 401 Unauthorized:
- Verify the license key is correct
- Check that the license key exists in TrikuSec
- Ensure the license key hasn't been revoked
Connection Issues¶
If you can't connect:
- Check server URL is correct
- Verify firewall allows connections
- Check SSL certificate (use
--insecurefor self-signed certs)
Next Steps¶
- Endpoints - See all available endpoints