Please Note This forum exists for community support for the Mango product family and the Radix IoT Platform. Although Radix IoT employees participate in this forum from time to time, there is no guarantee of a response to anything posted here, nor can Radix IoT, LLC guarantee the accuracy of any information expressed or conveyed. Specific project questions from customers with active support contracts are asked to send requests to support@radixiot.com.
Solved Authenticating programmatically when using curl
-
I'm trying to connect to the API programmatically using curl calls from our server. I'm sending a call to /rest/v1/login/[username] to log in, followed by a call to /rest/v1/realtime/by-xid/[xid] to get the data value.
The login call works; it returns a response code of 200 and good data about the account. The second call, however, fails with 401 response (unauthorized).
I also tried setting the USERPWD curl option on the second call, which lets you send user name and password as part of the call, but got the same result (401, unauthorized).
How do you log in when making API calls using curl?
Many thanks!
-
Hi Jono,
I bet you're looking for this information: http://help.infiniteautomation.com/support/solutions/articles/14000023292-mango-rest-api-authentication
tldr: you need to supply the token you got when authenticating in subsequent headers
-
Hi, Phil,
Many thanks! I'm getting the token, but I'm now getting a 403 return from /rest/v1/realtime/by-xid/[xid] call. I'm setting headers as follows (this is in PHP):
// Initialize curl options $this->_curl_options = array( CURLOPT_RETURNTRANSFER => TRUE, CURLOPT_HEADER => TRUE, CURLOPT_VERBOSE => TRUE, CURLOPT_TIMEOUT => $this->_curl_timeout, ); $headers = array( 'Accept: application/json', 'Accept-Encoding: gzip', 'Accept-Language: en-US,en;q=0.5', 'Connection: keep-alive', 'Cache-Control: no-cache', "X-XSRF-TOKEN: {$this->_token}", ); $this->_curl_options[CURLOPT_HTTPHEADER] = $headers; $this->_curl_options[CURLOPT_USERAGENT] = "Mozilla/5.0 (Windows NT 10.0; WOW64; rv:48.0) Gecko/20100101 Firefox/48.0"; $this->_call_api();Then, the _call->api() method makes the call:
$this->_curl_options[CURLOPT_URL] = $this->call_string; $curl = curl_init(); curl_setopt_array($curl, $this->_curl_options); // Make the call $response = curl_exec($curl); curl_close($curl);Is this the right way to send the authentication token on the second call?
Thanks!
-
Hi Jono,
It looks like the help document may be incomplete! My mistake, I will update that document.
You should send the X-XSRF-TOKEN and session cookie in the Cookie header as:
Cookie: XSRF-TOKEN=[value]; MANGO[port]=[value]Sorry for the mix-up
-
Thanks, Phil!
The first option (2 headers) didn't work for me, but the second worked like a charm.
The single header format that worked:
Cookie: XSRF-TOKEN=[value];MANGO[port]=[value]
The two headers format that didn't:
X-XSRF-TOKEN: [value]
MANGO[port]: [value]If my syntax in the latter option is wrong, let me know ... but the single cookie option works quite nicely.
Thanks!
-
Glad to hear it. Yeah, I realized I was mistaken when I posted that (hence the edits, always good to get the information here than from the notifying emails). I had glanced at a test I have doing some API calls over nc and seen it wrong. I will try to get that document updated tomorrow. Sorry for the confusion.
-
Hi guys,
I will get in hear instead of creating a new topic.
A third party system get´s some datapoints over RESTful API (swagger). They got the Java-Client-Example from here http://help.infiniteautomation.com/support/solutions/articles/14000023292-mango-rest-api-authentication
but had no success to develop something good. The theory of authentication and the cookie-handling are clear.The problem is to realize the Java-Client without more informations about libraries,..... Are their some librarieres that we missed?
Regards
Sasa -
The link mentioned is not valid anymore
