= Authen Key Request =

Ref:[https://www.thruk.org/documentation/rest.html#_authentication here] [[br]]

We get secert.key from 
{{{
#!sh
root@b0964626fefc:~# /omd/sites/GV/var/thruk/secret.key
}}}
Then we request with
{{{
[krit@mini SiteDemo]$ curl -H 'X-Thruk-Auth-Key: d942be681455b3e9d6e883d2f9be29c4299830c383306cd6987d68f637bjei22_1' -H 'X-Thruk-Auth-User: omdadmin' -gk 'https://192.168.112.174:5688/demo/thruk/r/hosts'
}}}

== check password ==
edit file /omd/versions/4.40-labs-edition/share/thruk/plugins/plugins-available/conf/lib/Thruk/Controller/conf.pm [[br]]
This [attachment:conf.pm] file was attached in this page around line number 1472.  
{{{
# change password?
    if($c->req->parameters->{'save'}) {
        return unless Thruk::Utils::check_csrf($c);

        my $old        = $c->req->parameters->{'data.old'}        || '';
        my $pass1      = $c->req->parameters->{'data.password'}   || '';
        my $pass2      = $c->req->parameters->{'data.password2'}  || '';
        my $min_length = $c->config->{'user_password_min_length'} || 5;
        if($has_minus_v && !$old) {
            Thruk::Utils::set_message($c, 'fail_message', "Current password missing");
        }
        elsif($pass1 eq '' || $pass2 eq '') {
            Thruk::Utils::set_message($c, 'fail_message', "New password cannot be empty");
        }
        # check pass1 has any UPPER char
        elsif($pass1 !~ /[A-Z]/ ) {
            Thruk::Utils::set_message($c, 'fail_message', "New password should contain some UPPER case");
        }
        # check pass1 has any digit
        elsif($pass1 !~ /[0-9]/ ) {
            Thruk::Utils::set_message($c, 'fail_message', "New password should contain some Digit ");
        }
        # check pass1 has any @ # * = symbol
        elsif($pass1 !~ /[@#*=]/ ) {
            Thruk::Utils::set_message($c, 'fail_message', "New password should contain some symbol @#*= ");
        }
        # check pass1 =~ mean match any space bar
        elsif($pass1 =~ / / ) {
            Thruk::Utils::set_message($c, 'fail_message', "New password contain some white space ");
        }
        #elsif($pass1 =~ /^\d*$/) {
        #    Thruk::Utils::set_message($c, 'fail_message', "New password contain only number");
        #}
        #elsif($pass1 =~ /[^\w\s]/) {
        #    Thruk::Utils::set_message($c, 'fail_message', "New password contain non char");
        #}
        elsif(length($pass1) < $min_length) {
            Thruk::Utils::set_message($c, 'fail_message', "New password must have at least ".$min_length." characters.");
        }
        #elsif($pass1 ne '' && $pass1 eq $pass2) {
        elsif($pass1 ne '' && $pass1 eq $pass2 ) {
            my $err = _htpasswd_password($c, $user, $pass1, $old);
            if($err) {
                _error("changing password for ".$user." failed: ".$err);
                Thruk::Utils::set_message($c, 'fail_message', "Password change failed.");
            } else {
                _audit_log("configtool", "new password set for user ".$user);
                Thruk::Utils::set_message($c, 'success_message', "Password changed successfully");
            }
        }
        return $c->redirect_to('conf.cgi?action=user_password');
    }
}}}

Disable password change set to 1,  disable user api_key set to 0, we also can define the min char of password by put following text in '''/etc/thruk/thruk_local.conf''' file.
{{{
max_api_keys_per_user = 0
disable_user_password_change = 1
user_password_min_length = 5
}}}