Start a Conversation

Solved!

Go to Solution

10726

June 3rd, 2019 01:00

Avamar Rest API

Hello 

I have a question regarding the REST API with Avamar

We are currently running Avamar 7.5.1 and the documentation does not make sense.

the documentation on restAPI : https://www.emc.com/collateral/TechnicalDocument/docu87664.pdf 

talk about component that does not seem to exist

Example for the session the documentation mention to do a curl https://server:8543/rest-api/versions

when I do this i obtain a 404

jfillon@sv-2000lvp76 ~]$ curl -k -D- -X GET https://bk-2000app04.tbrs.local:8543/rest-api/versions
HTTP/1.1 404
Content-Type: text/html;charset=utf-8
Content-Language: en
Content-Length: 1095
Date: Mon, 03 Jun 2019 08:06:26 GMT
Connection: close
Server: Avamar

HTTP Status 404 – Not Found

HTTP Status 404 – Not Found


Type Status Report

Message /rest-api/versions

Description The origin server did not find a current representation for the target resource or is not willing to disclose that one exists.


Apache Tomcat/8.5.34

[jfillon@sv-2000lvp76 ~]$

so the page does not exit.

now on the 7.5.1 system there is a REST API as if i browse the URL swager as in the documentation 18.2 i do have aswagger and the restapi server is getting started when i start the MCS

 

[jfillon@sv-2000lvp76 ~]$ curl -v -k https://bk-2000app04.tbrs.local/api/swagger-ui.html
* About to connect() to bk-2000app04.tbrs.local port 443 (#0)
* Trying 10.3.50.50...
* Connected to bk-2000app04.tbrs.local (10.3.50.50) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* skipping SSL peer certificate verification
* SSL connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
* Server certificate:
* subject: E=root,CN=BK-2000APP04.tbrs.local,OU=Dell EMC,O=Dell Technologies,L=Irvine,ST=California,C=US
* start date: Apr 21 09:50:02 2017 GMT
* expire date: Apr 20 09:50:02 2022 GMT
* common name: BK-2000APP04.tbrs.local
* issuer: E=root,CN=BK-2000APP04.tbrs.local,OU=Dell EMC,O=Dell Technologies,L=Irvine,ST=California,C=US
> GET /api/swagger-ui.html HTTP/1.1
> User-Agent: curl/7.29.0
> Host: bk-2000app04.tbrs.local
> Accept: */*
>
< HTTP/1.1 200 OK
< Date: Mon, 03 Jun 2019 08:13:25 GMT
< X-Content-Type-Options: nosniff
< X-XSS-Protection: 1; mode=block
< Cache-Control: no-cache, no-store, max-age=0, must-revalidate
< Pragma: no-cache
< Expires: 0
< X-Frame-Options: SAMEORIGIN
< X-Application-Context: Kylin:production:9000
< Last-Modified: Thu, 18 Oct 2018 16:40:09 GMT
< Accept-Ranges: bytes
< Content-Type: text/html
< Content-Length: 3246
<




Swagger UI





















 




* Connection #0 to host bk-2000app04.tbrs.local left intact
[jfillon@sv-2000lvp76 ~]$

any though on this ?

is the documentation wrong 

 

 

 

 

 

2K Posts

June 7th, 2019 05:00

So the not-so-secret secret is that the 18.2 REST API existed in 7.5.1... but it was not a public API, so using it for developing your own software is not supported on this release.

This API is what the new HTML5 AUI uses to communicate with Avamar MCS.

2K Posts

June 3rd, 2019 05:00

Are you certain the system is running Avamar 7.5.1?

Assuming the system is 7.5.1, the REST API compatible with this release is a separate, installable component. This component is only available by RPQ. I should also note that the older "Concerto" API is no longer being actively developed, so I would strongly recommend any new apps be written for the 18.2 API.

11 Posts

June 4th, 2019 01:00

Thanks, ionthegeek

I'm rather certain that it's running a 7.5.1 :)

So I found that the following the 18.2 documentation worked for me 

have a look at this 

admin@BK-REDACTED:~/>: gsan --version
version: 7.5.1-101
build date: Dec 15 2017 08:40:56
msg format: 13-10
SSL: TLSv1 OpenSSL 1.0.2l-fips 25 May 2017
Zlib: 1.2.3
LZO: 1.08 Jul 12 2002
platform: Linux
OS version: SLES-64
Processor: x86_64
admin@BK-REDACTED:~/>: mcserver.sh --version
version: 7.5.1-101_HF302282
PostgreSQL version: postgres (PostgreSQL) 9.4.13
db schema version: 7.5.1.22
views schema version: 7.5.0.5
admin@BK-REDACTED:~/>: {

admin@BK-REDACTED:~/>: curl -k -vvv -X POST -u MCUser:XXXXXXXXXXXXXXXX -H "Content-Type: application/json" --data @Body.json https://localhost/api/v1/oauth2/clients
* Hostname was NOT found in DNS cache
* Trying ::1...
* Connected to localhost (::1) port 443 (#0)
* successfully set certificate verify locations:
* CAfile: none
CApath: /etc/ssl/certs/
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Server key exchange (12):
* SSLv3, TLS handshake, Server finished (14):
* SSLv3, TLS handshake, Client key exchange (16):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
* Server certificate:
* subject: C=US; ST=California; L=Irvine; O=Dell Technologies; OU=Dell EMC; CN=BK-REDACTED.xxxx.local; emailAddress=root
* start date: 2017-04-21 09:50:02 GMT
* expire date: 2022-04-20 09:50:02 GMT
* issuer: C=US; ST=California; L=Irvine; O=Dell Technologies; OU=Dell EMC; CN=BK-REDACTED.xxxx.local; emailAddress=root
* SSL certificate verify result: self signed certificate (18), continuing anyway.
* Server auth using Basic with user 'MCUser'
> POST /api/v1/oauth2/clients HTTP/1.1
> Authorization: Basic TUNVc2VyOldpbGwtQkUtNTU1ODg4
> User-Agent: curl/7.37.0
> Host: localhost
> Accept: */*
> Content-Type: application/json
> Content-Length: 369
>
* upload completely sent off: 369 out of 369 bytes
< HTTP/1.1 200 OK
< Date: Tue, 04 Jun 2019 07:41:15 GMT
< X-Content-Type-Options: nosniff
< X-XSS-Protection: 1; mode=block
< Cache-Control: no-cache, no-store, max-age=0, must-revalidate
< Pragma: no-cache
< Expires: 0
< X-Frame-Options: SAMEORIGIN
< X-Application-Context: Kylin:production:9000
< Content-Type: application/json;charset=UTF-8
< Transfer-Encoding: chunked
<
{
"clientName" : "toto.rh.REDACTED.local",
"clientId" : "efe2cf51-5aea-466b-9c99-bcdbb48248f0",
"clientSecret" : "Gl5DfnQyxBHBDrAvjwjQun7b+raM3gL2KJiRa1LewlvEdHTvvMtYfdr5xQxE5lZ7criVg5aq/UZUPNpDZg9Pw",
"redirectUris" : [ "https://my-app-server/callback" ],
"scopes" : [ "read", "write" ],
"autoApproveScopes" : [ "all" ],
"authorizedGrantTypes" : [ "password" ],
"accessTokenValiditySeconds" : 1800,
"refreshTokenValiditySeconds" : 43200
* Connection #0 to host localhost left intact
}admin@BK-REDACTED:~/>:

This is why I got really confused, I knew back then Avamar REST API was only installable as stand alone appliance or on BRM with PS engagement but it look like from 7.5.1 it is like in 18.1/18.2 Rest API is shipped with MCS.

We have upgrade to 18.2 planned within the month but I found this to be weird to have the documentation of 18.2 working for 7.5.1.

 

as you can see this is a call to get the client registered to obtain an Oauth2 token and this is referenced in 18.2 and not in 7.5.1 REST API documentation which refers to the old API.

In that old API the session was open via the URL: https://RESTAPISERVER:8543/rest-api/login

If i do a Curl

admin@BK-REDACTED:~/>: curl -k -vvv -X POST -u MCUser:xxxxxxxxxx -H "Content-Type: application/json" --data @Body.json https://localhost:8543/rest-api/login
* Hostname was NOT found in DNS cache
* Trying ::1...
* Connected to localhost (::1) port 8543 (#0)
* successfully set certificate verify locations:
* CAfile: none
CApath: /etc/ssl/certs/
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Server key exchange (12):
* SSLv3, TLS handshake, Server finished (14):
* SSLv3, TLS handshake, Client key exchange (16):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* Server certificate:
* subject: C=US; ST=California; L=Irvine; O=Dell Technologies; OU=Dell EMC; CN=BK-REDACTED.xxxxx.local
* start date: 2017-04-21 09:41:01 GMT
* expire date: 2022-04-20 09:41:01 GMT
* issuer: C=US; ST=California; L=Irvine; O=Dell Technologies; OU=Dell EMC; CN=BK-REDACTED.xxxxx.local
* SSL certificate verify result: self signed certificate (18), continuing anyway.
* Server auth using Basic with user 'MCUser'
> POST /rest-api/login HTTP/1.1
> Authorization: Basic TUNVc2VyOldpbGwtQkUtNTU1ODg4
> User-Agent: curl/7.37.0
> Host: localhost:8543
> Accept: */*
> Content-Type: application/json
> Content-Length: 369
>
* upload completely sent off: 369 out of 369 bytes
< HTTP/1.1 404
< Content-Type: text/html;charset=utf-8
< Content-Language: en
< Content-Length: 1092
< Date: Tue, 04 Jun 2019 08:00:18 GMT
< Connection: close
* Server Avamar is not blacklisted
< Server: Avamar
<
HTTP Status 404 – Not Found

HTTP Status 404 – Not Found


Type Status Report

Message /rest-api/login

Description The origin server did not find a current representation for the target resource or is not willing to disclose that one exist* Closing connection 0
* SSLv3, TLS alert, Client hello (1):
s.


Apache Tomcat/8.5.34

admin@BK-REDACTED:~/>:

For the moment i'm still at the dev part preparing my API call's so change of API will not be too much of an issue.

and the swagger is very usefull.

Would be cool if this post would get a bit of a refresh though :)

https://community.emc.com/blogs/LGTOman

I lost quite sometime following wrong track :p

 

 

 

 

 

 

2 Posts

June 7th, 2019 05:00

I am running Avamar 18.2 and am looking to authenticate against the REST-API. 

The part I can't seem to get right is the body. In the manual it references "CLIENT_ID", "CLIENT_NAME" and "PASSWORD", but it does not explain how to go about identifying those values.  Are you able to explain what they mean?  Is the Body an input to or an output from the authentication call?

2K Posts

June 7th, 2019 11:00

The clientId, clientName, and clientSecret fields are part of the OAuth 2 specification. The instructions on page 15 of the 18.2 REST API Getting Started Guide are a walkthrough for creating the client record.

https://support.emc.com/docu92032_Avamar-18.2-REST-API-Getting-Started-Guide.pdf?language=en_US

The clientId, clientName, and clientSecret should be supplied by you. The OAuth website has more information on what these values are and what they are used for but essentially these values are used to register and identify the "app" that is making the REST API calls.

https://www.oauth.com/oauth2-servers/client-registration/client-id-secret/

The body is the body of the HTTP request being sent to the server. This is typically in JSON format when making REST API calls.

An HTTP request that sends a JSON body looks something like this:

POST /actions/login
Content-Type: application/json
X-Other-Header: Value

{
  "Key": "Value",
  "Key": "Value"
}

The body of this request is everything after the newline at the end of the headers (i.e. the {} and everything in between). On page 15 of the Avamar 18.2 Getting Started guide, it shows a more complete example of a POST body.

No Events found!

Top