It's possible to give event hook scripts temporary access to the Micetro API. To enable this access, you need to create a special ScriptRunner user in Micetro. This user should use Internal authentication and have an arbitrary, throwaway password, i.e., a random string that doesn't need to be kept. For instructions on how to add a user to Micetro, refer to Users.
The ScriptRunner user should be granted the roles necessary to perform the required actions through the API.
There are two methods by which event hook scripts can utilize the ScriptRunner user:
- Using the environment variable "MICETRO_SCRIPT_RUNNER_SESSION"
This is the preferred method for new scripts, not only because it's easier to use and doesn't block other scripts from execution, but also because it's considered the safer option for passing credentials to scripts.
With this method, the script may use the "MICETRO_SCRIPT_RUNNER_SESSION" session ID directly in Micetro API calls, without needing to log in first. The session ID is unique for each script invocation, which allows multiple scripts that utilize the ScriptRunner user to run at the same time. The session ID expires as soon as the script is done executing.
All scripts are supplied with the "MICETRO_SCRIPT_RUNNER_SESSION" when the ScriptRunner user is defined, so no extra configuration is required.
- Using ScriptRunner authentication parameters
When you add an event hook script, check the Add ScriptRunner authentication parameters checkbox. This adds "$u $p" at the end of the script name definition.
During script execution, "$u" is changed to "ScriptRunner" and "$p" is changed to a temporary password. This means that the script is executed with ScriptRunner and its temporary password as arguments.
The temporary password can be used to log into the Micetro API as ScriptRunner, and the resulting session ID used in subsequent API calls.
Note: Because ScriptRunner can only have one temporary password at any given time, this method blocks execution of any other script that has the ScriptRunner authentication parameters.