Skip to main content
Start a Conversation

Unsolved

nitzzr

1 Message

1048

May 24th, 2022 07:00

Avamar - REST API - Token error

Hi Team

I am trying to access avamar api from postman and was able to create a client with the help of  api doc but i am  getting unauthorized error while trying creating token. it feels base 64 value i am passing is wrong since it is not mentioned in docs which password should be used with client id although in body i am passing admin credentials. 

So can anybody breakdown the steps to access api as mentioned in api doc.

Second confusion is related to client id , name , secret  code since in doc it is saying to pass appropriate value, what exactly should be the value is there any limitation i need to keep in mind while passing on these variables from my end, right now for testing i am passing ava in all three of them

gdny

41 Posts

June 7th, 2022 08:00

So I can't answer why its not working because I'm going through the same issue.  Sadly the doc is not great, but I can answer your second confusion.

The client ID, name and secret is something that needs to be registered in the server so it can be used to create the tokens.  I looked at this link for a better description: https://www.oauth.com/oauth2-servers/client-registration/client-id-secret/

POST https:// /api/v1/oauth2/clients

You provide the ID - I used "client1" and the client name which seems to be just a description: "client 1" and it returns the client secret which the document then calls . Not to be confused with the user password.

I hope you get it working.  And if you do, please share, because no matter what I use in the 2nd POST to get the token, I get an unauthorized 

thanks.

nghlp

1 Message

August 10th, 2022 07:00

What is below is only after you have generated a client_id and secret for the client_id.   The link from gdny has some best practices there on what to use for both.

This is what I got working for getting a token using BasicAuth as the type.   Note:  Set verify to False for testing only to eliminate cert validation issue as a problem.  
POST request is structured like this:
(
https://avamar_server/api/oauth/token, auth=HTTPBasicAuth(client_id,client_secret), /
headers={"Content-Type": "application/x-www-form-urlencoded"}, /
data=grant_type=password&scope=read&username=an_admin_user_name&password=an_admin_password, /
verify=False

bfortman

2 Posts

September 25th, 2023 14:51

For getting this to work one should first start with the Dell EMC Avamar REST API Getting Started Guide and go to around page 15.  I will say this document is NOT well written and hard to understand if you are attempting to set up oauth2 for the first time.  Another tip is to avoid using Swagger for creating the client ID - you should be using another tool like curl, perl, yarc, or my personal favorite -  python.  I did/do use Swagger for REST API command syntax help and most importantly, there is a rest-audit-controller section where you can view the rest api "syslog" information.  This is helpful when your REST API interface code is not returning any useful or robust error information (a common problem with REST API's).  

STEP 1:

Create a rest "client ID" to be used for oauth2 authorization.

  • The client ID is just a user ID.  
  • The client ID will need a password - in this context, the password is called the "secret"
  • To create the client ID, you must also first have an another Avamar account ID with Admin privileges.   
  • You must know the password of the Avamar Admin account.
getting 

#!/usr/bin/python3

#---------------
#  Modules
#---------------
import requests
import sys
import json
import urllib3


#------------------------------------
#  Ignore HTML Certificate Warnings
#------------------------------------
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)


#--------------------------------------------------
#  REST API URL's and Authentication Credentials
#--------------------------------------------------
url                     = 'https://avamar-server-name/api/v1/oauth2/clients'
user                    = 'Avamar-admin-account-id'
password                = 'Avamar-admin-account-id-password'

body = {
         "accessTokenValiditySeconds": 1800,
         "refreshTokenValiditySeconds": 43200,
         "authorizedGrantTypes": [ "password" ],
         "autoApproveScopes": [ "all" ],
         "scopes": [ "read", "write" ],
         "clientId": "restclient1",
         "clientName": ""A-description-of-the-clientId-goes-here",
         "clientSecret": "put-some-secret-text-here-it-is-NOT-generated-for-you",
         "redirectUris": [ "https://avamar-server-name/callback" ]
        }


#-----------------------------
#  Establish Session
#-----------------------------
session         = requests.Session()
session.auth    = ( user, password )
session.verify  = False
session.headers = ( {'Content-Type': 'application/json'} )


#-----------------------------------------------------------
#  Initiate REST API Request (post) and create the client ID
#-----------------------------------------------------------
try:
    response = session.post( url, json=body )
except requests.exceptions.HTTPError as error:
    print(error)
    response.raise_for_status()

response_json = response.json();
print(response_json)
session.close()
sys.exit()


STEP 2:

Get an access token

  • You will need the newly created client ID
  • You will need the client ID "secret" (password)
  • You will need an Avamar account ID with admin level access
  • You will need the password for the Avamar account ID with admin level access
#!/usr/bin/python3

#---------------
#  Modules
#---------------
import requests
import sys
import json
import urllib3


#------------------------------------
#  Ignore HTML Certificate Warnings
#------------------------------------
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)


#--------------------------------------------------
#  REST API URL's and Authentication Credentials
#--------------------------------------------------
client_id      = 'restclient1'
client_secret  = 'your-secret-text-for-the-clinetId'
admin_user     = 'avamar-admin-user'
admin_password = 'avamar-admin-user-password'
url            = f'https://avamar-server-name/api/oauth/token?grant_type=password&scope=write&username={admin_user}&password={admin_password}'


#-----------------------------
#  Establish Session
#-----------------------------
session         = requests.Session()
session.auth    = ( client_id, client_secret )
session.verify  = False
session.headers = ( {'Content-Type': 'application/x-www-form-urlencoded'} )


#----------------------------------------------------------------
#  Initiate REST API Request (post) and get the access token
#----------------------------------------------------------------
response = session.post( url )
response_json = response.json();

if (response.status_code == 200 or response.status_code == 201 ):
    token = response_json['access_token']
    print(token)
else:
    print (f'ERROR: code = {response.status_code}')
    response.raise_for_status()

session.close()
sys.exit()


STEP 3:

Use the access token for further Avamar REST API Calls.

bfortman

2 Posts

September 25th, 2023 15:01

URL got truncated during post: Here is the full line of code code.

url  =  f'https://avamar-server-name/api/oauth/token?grant_type=password&scope=write&username={admin_user}&password={admin_password}'

View More

View All

No Events found!

Top