How-to use token in api/v2.0 without Unauthorized

gaetan.schneller · 7 June 2024 14:26

I installed ONLYOFFICE for testing via GitHub - ONLYOFFICE/Docker-CommunityServer: Collaborative system for managing documents, projects, customer relations and emails in one place. I started docker-compose.workspace.yml.

I want to test the API v2:

I retrieve a token with:

curl --request POST --header "Content-Type: application/json" --data '{"username":"user","password":"password"}' "http://server/api/2.0/authentication.json"

Then I use it in the request:

curl -I --request GET --header "Content-Type: application/json" -H "Accept: application/json" -H "Authorization: XXXXXX" "http://server/api/2.0/people"

J’obtient

HTTP/1.1 401 Unauthorized
Server: nginx/1.22.0
Date: Fri, 07 Jun 2024 13:59:06 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 12
Connection: keep-alive
WWW-Authenticate: Basic Realm="server"
X-AspNet-Version: 4.0.30319
Cache-Control: private

In one command:

curl -I --request GET --header "Content-Type: application/json" -H "Accept: application/json" -H "Authorization: $(curl --request POST --header "Content-Type: application/json" --data '{"username":"user@mail.com","password":"password"}' "http://server/api/2.0/authentication.json" -s | jq .response.token)" "http://server/api/2.0/people"

Constantine · 10 June 2024 09:37

Hello @gaetan.schneller

gaetan.schneller:

I retrieve a token with:

curl --request POST --header "Content-Type: application/json" --data '{"username":"user","password":"password"}' "http://server/api/2.0/authentication.json"

As I can see you are using following method:

Please specify which method you are using here:

gaetan.schneller:

Then I use it in the request:

curl -I --request GET --header "Content-Type: application/json" -H "Accept: application/json" -H "Authorization: XXXXXX" "http://server/api/2.0/

gaetan.schneller · 11 June 2024 11:22

I test with people method, http://server/api/2.0/people
I directly use the token returned by the POST on “http://server/api/2.0/authentication.json” instead of XXXXXX
On the other hand, the authentication request returns me an ‘expires’ at the UTC date of the present moment, therefore for me 2 hours in the past

gaetan.schneller · 11 June 2024 11:26

I follow API Backend - ONLYOFFICE Api Documentation

Constantine · 13 June 2024 08:44

Please try using following structure for the GET request to /people:

curl --location --request GET "http://server/api/2.0/people" --header "Content-Type: application/json" --header "Accept: application/json" --header "Authorization: <auth_token>"

gaetan.schneller · 14 June 2024 06:22

It’s my mistake, I forget @self.json at the end of request,

You can close the ticket