Unsolved
1 Message
0
1048
Avamar - REST API - Token error
Hi Team
I am trying to access avamar api from postman and was able to create a client with the help of api doc but i am getting unauthorized error while trying creating token. it feels base 64 value i am passing is wrong since it is not mentioned in docs which password should be used with client id although in body i am passing admin credentials.
So can anybody breakdown the steps to access api as mentioned in api doc.
Second confusion is related to client id , name , secret code since in doc it is saying to pass appropriate value, what exactly should be the value is there any limitation i need to keep in mind while passing on these variables from my end, right now for testing i am passing ava in all three of them
gdny
41 Posts
0
June 7th, 2022 08:00
So I can't answer why its not working because I'm going through the same issue. Sadly the doc is not great, but I can answer your second confusion.
The client ID, name and secret is something that needs to be registered in the server so it can be used to create the tokens. I looked at this link for a better description: https://www.oauth.com/oauth2-servers/client-registration/client-id-secret/
POST https:// /api/v1/oauth2/clients
You provide the ID - I used "client1" and the client name which seems to be just a description: "client 1" and it returns the client secret which the document then calls . Not to be confused with the user password.
I hope you get it working. And if you do, please share, because no matter what I use in the 2nd POST to get the token, I get an unauthorized
thanks.
nghlp
1 Message
0
August 10th, 2022 07:00
What is below is only after you have generated a client_id and secret for the client_id. The link from gdny has some best practices there on what to use for both.
This is what I got working for getting a token using BasicAuth as the type. Note: Set verify to False for testing only to eliminate cert validation issue as a problem.
POST request is structured like this:
(
https://avamar_server/api/oauth/token, auth=HTTPBasicAuth(client_id,client_secret), /
headers={"Content-Type": "application/x-www-form-urlencoded"}, /
data=grant_type=password&scope=read&username=an_admin_user_name&password=an_admin_password, /
verify=False
)
bfortman
2 Posts
0
September 25th, 2023 14:51
For getting this to work one should first start with the Dell EMC Avamar REST API Getting Started Guide and go to around page 15. I will say this document is NOT well written and hard to understand if you are attempting to set up oauth2 for the first time. Another tip is to avoid using Swagger for creating the client ID - you should be using another tool like curl, perl, yarc, or my personal favorite - python. I did/do use Swagger for REST API command syntax help and most importantly, there is a rest-audit-controller section where you can view the rest api "syslog" information. This is helpful when your REST API interface code is not returning any useful or robust error information (a common problem with REST API's).
STEP 1:
Create a rest "client ID" to be used for oauth2 authorization.
STEP 2:
Get an access token
STEP 3:
Use the access token for further Avamar REST API Calls.
bfortman
2 Posts
0
September 25th, 2023 15:01
URL got truncated during post: Here is the full line of code code.
url = f'https://avamar-server-name/api/oauth/token?grant_type=password&scope=write&username={admin_user}&password={admin_password}'