Get API Account Credentials

English Development: API/Events
1

On page
https://wazo-platform.org/uc-doc/api_sdk/rest_api/quickstart

it shows the script to be run to get an API Account as
POST /users {“purpose”: “external_api”, “username”: “rest-api-test”, …} POST /policies {“acl”:[“confd.#”, “auth.#”], …} PUT /users/{user_uuid}/policies/{policy_uuid}

I assume I change the “rest-api-test” to whatever I want as the username and run this as one line from the command-line-interface of the server running wazo.

Unfortunately, when I do this, I get the prompt:
Please enter content (application/x-www-form-urlencoded) to be POSTed:

and I have no idea where to go from there.

If I am supposed to change {user_uuid} and/or {policy_uuid} to an actual user_uuid or policy_uuid, where do I get these values?

I have tried going to the API documentation, but I am not finding the reference and am stuck.

Any suggestions?

2

Oh … Didn’t know POST/GET was a real command line …
We have a big job to change all these snippet for a working command (ex: with curl)

For now they only show you which request to use. They are no real command for which you can copy/paste

I suggest you to use interactive console and enter your wazoip in the top-left field.

You will able to make these 3 requests (I fixed the styling in the doc - PR)

  • POST /users {“purpose”: “external_api”, “username”: “rest-api-test”, …}
  • POST /policies {“acl”:[“confd.#”, “auth.#”], …}
  • PUT /users/{user_uuid}/policies/{policy_uuid}

{user_uuid} and {policy_uuid} are uuid returned by previous POST requests

3

I now have a working API user and have assigned it a full (admin privileges) policy. And yes, I will delete this user soon, once I have experimented a bit and better understand how to apply more restrictive policies.

Thanks for the replies @Miker and @fblackburn

I could not completely follow the logic posted since:

  • To create a new user using the Web UI (or cURL),
    I needed an existing user/password to create a token
    that I could then use to create the new user/password
  • I guess I could (in retrospect) use the root user with its password
    but never even thought of that until I was typing this up.

So for others looking to do a similar thing, which is to create a user/password with a policy assignment that gave me freedom to play with node-red

I SSH’d into the Wazo server and upgraded to superuser (root) and then:

  • enabled the wazo-auth-cli by entering “wazo-auth-cli” (I bet you guessed that)
    which opened the subshell
  • listed the current tenants with “tenant list”
    to get the Tenant UUID for my installation
  • listed the current policies with policy list
    to get a policy UUID that I wanted
    and I ended up (for now) using the “wazo_default_admin_policy” policy
    so took the PolicyUUID from that one
  • created the new user with
    user create --password {UserPassword} --purpose external_api --tenant {TenantUUID} {UserName}
    (replacing the items in brackets (and the brackets) with real entries)
    Which returned my UserUUID
  • Confirmed my new User and UserUUID with
    user list

I then went to https://wazo-platform.org/documentation/console/authentication where I:

  • entered the Wazo IP address in the top left box
  • entered {UserName}:{UserPassword} into the box at the top right
  • Clicked “Validate”
    (which put the token into that box)
  • Scrolled down and clicked on “Users /users/{UserUUID}/policies/{PolicyUUID}”
    Clicked “Try it out”
    Entered the UserUUID and PolicyUUID from above
    Clicked “Execute”

This gave me a UserName/UserPassword with owerful acl access (realistically more powerful than I will put in place for production) that I can use in node-red and python to access API calls

I was also able to play with the APIs and see the cURL command equivalents for each

3 Likes