Yaak Logo
Yaak
Docs/Authentication/NTLM

NTLM

Authenticate with Windows NTLM for corporate and legacy systems

Authentication

NTLM (NT LAN Manager) authentication is a Microsoft authentication protocol used in Windows environments. Use this for corporate APIs, SharePoint, Exchange, and other Microsoft services that require Windows authentication.

How It Works

NTLM uses a challenge-response mechanism:

  1. Yaak sends an initial request with a Type 1 (negotiation) message
  2. The server responds with a Type 2 (challenge) message
  3. Yaak computes a Type 3 (authentication) message using your credentials
  4. The final request includes the authentication header

This handshake happens automatically—you just provide your credentials.

Configuration

Select NTLM Auth from the Auth dropdown. Configure these fields:

Field Description
Username Your Windows username
Password Your Windows password

Advanced Options

Expand Advanced for additional settings:

Field Description
Domain Windows domain name (e.g., CORP)
Workstation Client workstation name

The domain is often required in corporate environments. Try formats like:

  • DOMAIN (NetBIOS name)
  • domain.company.com (FQDN)

Usage

  1. Select NTLM Auth from the Auth dropdown
  2. Enter your Windows username and password
  3. Add domain if required by your organization
  4. Send your request—Yaak handles the NTLM handshake automatically

Template Variables

Use environment variables for credentials:

Username: ${[env.WINDOWS_USER]}
Password: ${[env.WINDOWS_PASS]}
Domain: ${[env.WINDOWS_DOMAIN]}

Common Use Cases

  • SharePoint APIs - Accessing SharePoint REST services
  • Exchange Web Services - Email and calendar APIs
  • IIS-hosted APIs - Internal corporate web services
  • Legacy Windows services - Older Microsoft integrations

Troubleshooting

401 Unauthorized

  • Verify your username and password
  • Try including the domain (e.g., DOMAIN\username format or separate domain field)
  • Check if your account is locked or expired

Connection Issues

  • NTLM requires multiple round-trips; ensure keep-alive connections work
  • Some proxies interfere with NTLM—try direct connections

Domain Not Found

  • Try different domain formats (NetBIOS vs FQDN)
  • Contact your IT administrator for the correct domain name
Next OAuth 1.0

Was this page helpful?

Loading...