Here is another way... Instead of basic auth (user/pass), you could use Kerberos to authenticate the request programmatically. This removes the need for hardcoded credentials. Using Python (requests-kerberos): Python import requests
from requests_kerberos import HTTPKerberosAuth
knox_url = "https://<knox-host>:8443/gateway/knoxsso/api/v1/token"
# This uses your existing kinit session
response = requests.get(knox_url, auth=HTTPKerberosAuth(), verify=False)
if response.status_code == 200:
token_data = response.json()
print(f"Your Token: {token_data['access_token']}") Set up a Kerberos keytab for your service account, and use a script (Python or Java) to hit the Knox Token API using SPNEGO. This is the enterprise-standard way to automate Knox token generation without the Web UI or manual password entry. I think there are quite a few alternatives here, java, nifi, etc
... View more
