Use users credentials without asking for them


I have created an internal Web API and written Powershell modules to interact with it.
Some of the actions in the Web API needs authorization.

Hence, in Powershell I need to do something like this:

Invoke-WebRequest $url -Method Get -ContentType "application/json" -Credential (Get-Credential)

But the user is already opening the powershell prompt with their own user, and that should be enough to get authorized.

I guess I am looking for a feature like in Internet Explorer, where I can add a internal website as a Intranet site, therefor it won’t ask for extra credentials.

Hope it makes sence.

That is, as you suggest, a feature of IE - not a general feature of Windows. IE is doing some malarky under the hood - receiving an authentication prompt from the web server, and then responding to it with a security token. You’d have to build that functionality yourself, and it ain’t gonna be easy. Invoke-WebRequest is a much lower-level creature, and doesn’t do any of the fancy stuff a browser does - like track cookies, automatically respond to auth requests, etc. It’s just sending data back and forth.

Hi Don,

Thank you for your answer. I guess I will then make it so that the module will just prompt the user one time and then reuse it within that session.

Best regards

Instead of -Credential, you’d just use the -UseDefaultCredentials switch on Invoke-WebRequest. This is assuming that your website uses Windows Authentication. If it’s HTTP auth or forms-based or whatever, then you can’t use the user’s existing credentials without them re-entering the password.

@DLWyatt - Thank you very much. Was exactly what I was looking for. Don’t know how I missed the -UseDefaultCredentials parameter. I am using Windows Authentication - sorry for not making that clear in the first place.

Best regards

Oh, apologies - I wasn’t thinking that’s what you were after. Sorry. Thanks Dave.

No problem :slight_smile: