0

In my express API I have user's AD username and password but I need to somehow get an NTLM token to call another API. Is there any node module that can help with this? Is this something that can be easily accomplished or must the token come from the browser?

I have seen many Node packages to help with NTLM (like express-ntlm) but they generally seem to be for Authentication (which I don't need) . I just want to provide credentials and return actual token.

JavaBeast
  • 766
  • 3
  • 11
  • 28
  • 1
    NTLM authenticates a connection, not a user, this means you can reuse the same connection as long as you need without authenticating again. You aren't delivered a token that can be reused for another connection. – Eugène Adell Apr 16 '20 at 06:28
  • @EugèneAdell Thanks for the thoughts! I am trying to follow the link here for API use: https://forum.uipath.com/t/how-to-authenticate-orchestrator-api-using-windows-credentials/78830/15 . Specifically, It says: "For authenticating with the API, you do not need to do Step 1 as indicated with the Local user. Instead, when querying an endpoint instead of providing a Bearer Token in your Authentication header you provide an NTLM token." So I am in my express api with user ad credentials trying to call this api with proper token but not having any success. – JavaBeast Apr 16 '20 at 17:46
  • In other words: For authenticating a local user it gives me endpoint that returns a bearer token I can use for subsequent calls, but for AD sign on it assumes I already have NTLM token, which I dont know how to get from my express endpoint. I have a custom login portal that sends credentials to express where I authenticate with AD. – JavaBeast Apr 16 '20 at 17:55
  • I don't know at all these products (postman, express) but in your link they say they are using postman to authenticate and get a "token" (which by the way isn't Base-64 encoded and is not a real one at all), and they reuse this "token" later. It might work as long the API request is done after the authentication request and they share the very same network connection (see my 1st comment). NTLM was not designed for reusable "tokens", if you are using express you should have a look on the libraries built for it. Sorry that I can't help further. – Eugène Adell Apr 16 '20 at 19:37

1 Answers1

0

Try using httpntlm module. This helps in NTLM handshake. https://www.npmjs.com/package/httpntlm

ashish
  • 206
  • 2
  • 9