Openam policy decision with (session and ldap filter) environment condition - policy

I think I am doing something stupid and can't find documentation around it.
I have the above policy set in OpenAM and am trying to validate it with json/policies?_action=evaluate. But I can't find how I would have to pass the environment keys and values for the above-configured condition. I have tried them in a cookie or in headers but don't seem to get it right. Should I add them in the environment and then write a script to handle that from the request in the OpenAM services (and return authorize true)? Or do I have to add a custom service for identity that would handle this? Or am I missing this completely?
The request to validate is:
curl -X POST \
'http://0.0.0.0:8080/openam/json/policies?_action=evaluate' \
-H 'Accept: */*' \
-H 'Accept-API-Version: resource=1.0' \
-H 'Content-Type: application/json' \
-H 'Cookie: iPlanetDirectoryPro=<token-of-web-agent>' \
-H 'Host: 0.0.0.0:8080' \
-d '{
"resources":["/members"],
"application":"iPlanetAMWebAgentService",
"subject":{
"ssoToken":"<ssoToken-of-demo-user>"
},
"environment": {}
}'

Related

Authentication error using cloudflare api

I repeatedly received an authentication error just like this (not me) when using the Cloudflare api.
curl -X GET "https://api.cloudflare.com/client/v4/zones/<ZONEID>/dns_records?type=A&name=<DOMAIN>&content=127.0.0.1&proxied=undefined&page=1&per_page=20&order=type&direction=desc&match=all" \
-H "X-Auth-Email: <EMAIL>" \
-H "X-Auth-Key: <APITOKEN>" \
-H "Content-Type: application/json"
{"success":false,"errors":[{"code":10000,"message":"Authentication error"}]}
What am I doing wrong?
I was getting that exact same error message, and I found out that I was using the API Token instead of the API Key in the X-Auth-Key parameter.
Apparently the only way that seems to work is to use the user token instead of the zone one.
curl -XPOST -H 'X-Auth-Key: TOKEN' -H 'X-auth-email: EMAIL' -H "Content-type: application/json" -d '{"type":"CNAME","name":"hi","content":"example.com","proxied":true}' 'https://api.cloudflare.com/client/v4/zones/ZONE_ID/dns_records'

github api: how to get clones?

I'm trying to get clones with (from here):
curl -H "Accept: application/vnd.github.v3+json" https://api.github.com/repos/{myname}/{myrep}/traffic/clones
However, I get this error:
"message": "Must have push access to repository"
I even tried:
curl -H "Authorization: token {mytoken}" -H "Accept: application/vnd.github.v3+json" https://api.github.com/repos/{myname}/{myrep}/traffic/clones
but I get the same error...
I used the old API version and it was easy and quick, and I cannot find a working solution... what am I missing?
(I would like to use curl since I use this command in a sh file)
curl \
-H "Authorization: token bade46eb8b548dcb47c4a3263492faa7fb857d83" \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/repos/{user}/{repository name}/traffic/clones
This command works with the new API
(the token is fake, but useful for people to have a general idea of how it looks)

Why I can't delete Link between person and group identities with Platform of Trust's Identity API?

I have created an account on Sandbox.
I have then created a group with
curl -i -X POST \
-H "Authorization: Bearer <ACCESS_TOKEN>" \
-H "Content-Type: application/json" \
-d \
"{
\"context\": \"https://standards.oftrust.net/v2/Context/Identity/Group/\",
\"type\": \"Group\",
\"data\": {
\"name\": \"Company Oy\"
}
}" "https://api-sandbox.oftrust.net/identities/v1"
I have also created a Link between person and group, I used MemberOf
curl -i --request POST \
--url https://api-sandbox.oftrust.net/identities/v1/{fromIdentityId}/link/{toIdentityId} \
--header 'Authorization: Bearer <ACCESS_TOKEN>' \
--header 'content-type: application/json' \
--data '{
"context": "https://standards.oftrust.net/v2/Context/Link/Role/MemberOf/",
"type": "Member"
}'
I got a successful response saying that the link was created between those identities.
I am now trying to delete this link, but I get a 404 response with the message Link not found.
What I am trying follows the example from the documentation:
curl -i -X DELETE \
-H "Authorization: Bearer <ACCESS_TOKEN>" \
"https://api-sandbox.oftrust.net/identities/v1/{fromIdentityId}/link/{toIdentityId}/MemberOf"
[UPDATE]: I also discovered in the Identity API documentation that I can list all links of an identity.
And I have done this for the group identity:
curl -i -X GET \
-H "Authorization: Bearer <ACCESS_TOKEN>" \
"https://api-sandbox.oftrust.net/identities/v1/<group_id>/links"
The response shows the link between the group and person identities.
Firstly, make sure you respected the id values (their order) for From and To. They should be the same as you get in the response of https://api-sandbox.oftrust.net/identities/v1/<group_id>/links
Secondly, the delete Link endpoint needs to be used with a type, as exemplified. In this case MemberOf. But looking at the creation of the link, there is a typo: the context used is correct, but the type is Member. The type should match the last part of the name in the context => MemberOf
In this case, since you are trying to delete it, simply use Member:
curl -i -X DELETE \
-H "Authorization: Bearer <ACCESS_TOKEN>" \
"https://api-sandbox.oftrust.net/identities/v1/{fromIdentityId}/link/{toIdentityId}/Member"
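
The rule in the answer above (the link type should equal the last path segment of the context URL) can be checked before the link is created. This is an added example, not part of the original posts or of the Platform of Trust documentation; the helper names are hypothetical and the payload is the one from the question.

```shell
#!/bin/sh
# Added example: helper names are hypothetical, not Platform of Trust tooling.

# Constructed sample: the link payload posted in the question.
PAYLOAD='{
  "context": "https://standards.oftrust.net/v2/Context/Link/Role/MemberOf/",
  "type": "Member"
}'

# json_field NAME JSON: first string value of "NAME" (flat JSON only).
json_field() {
    printf '%s\n' "$2" |
        sed -n 's/.*"'"$1"'"[[:space:]]*:[[:space:]]*"\([^"]*\)".*/\1/p' |
        head -n 1
}

# context_type URL: last path segment of a context URL, trailing slash ignored.
context_type() {
    ctx_url=${1%/}
    printf '%s\n' "${ctx_url##*/}"
}

# check_link_payload JSON: fail when "type" differs from the context's last segment.
check_link_payload() {
    expected=$(context_type "$(json_field context "$1")")
    actual=$(json_field type "$1")
    if [ "$actual" != "$expected" ]; then
        echo "link type '$actual' does not match context type '$expected'" >&2
        return 1
    fi
}

# delete_link_url FROM_ID TO_ID TYPE: TYPE must be the value the link was
# stored with, which for the payload above is "Member".
delete_link_url() {
    printf 'https://api-sandbox.oftrust.net/identities/v1/%s/link/%s/%s\n' "$1" "$2" "$3"
}

check_link_payload "$PAYLOAD" || echo "fix the payload before POSTing it"
```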

OneLogin API credentials

I'm trying to make a basic call to the OneLogin API. After generating the client ID and secret with MANAGE ALL permissions, I'm still unable to connect.
I generated the ID and secret correctly, with the right permissions, as per the official documentation.
curl 'https://api.us.onelogin.com/auth/oauth2/v2/token' \
-X POST \
-H "Authorization: client_id:, client_secret:" \
-H "Content-Type: application/json" \
-d '{
"grant_type":"client_credentials"
}'
I expected to connect; instead the output is
{"status":{"error":true,"code":401,"type":"Unauthorized","message":"Authentication Failure"}}

GoCD POST requests return "The resource you requested was not found!"

I have GoCD instance and want to automate regular actions like scheduling pipelines and checking pipelines statuses using GoCD API.
When I do GET request it works:
curl 'https://gocd.demo.kagarlickij.com/go/api/pipelines/frankenstein/status' \
-u 'kagarlickij:Pa$$w0rd' | jq
..but when I do POST request it returns "The resource you requested was not found!":
curl 'https://gocd.demo.kagarlickij.com/go/api/pipelines/frankenstein/pause' \
-u 'kagarlickij:Pa$$w0rd' \
-H 'Accept: application/vnd.go.cd.v1+json' -H 'Content-Type: application/json' \
-X POST -d '{"pause_cause": "Investigating build failures"}' | jq
..another POST example:
curl 'https://gocd.demo.kagarlickij.com/go/api/pipelines/frankenstein/schedule' \
-u 'kagarlickij:P#$$w0rd' \
-H 'Accept: application/vnd.go.cd.v1+json' -H 'Content-Type: application/json' \
-X POST -d @gocd.json | jq
json content:
{
"environment_variables": {},
"materials": {},
"update_materials_before_scheduling": false
}
Any ideas how pipelines could be started using API?
Some GoCD API calls require 'Confirm': 'true' header.
In your case, you can try running curl like this:
curl 'https://gocd.demo.kagarlickij.com/go/api/pipelines/frankenstein/pause' \
-u 'kagarlickij:Pa$$w0rd' \
-H 'Accept: application/vnd.go.cd.v1+json' \
-H 'Content-Type: application/json' \
-H 'Confirm: true' \
-X POST -d '{"pause_cause": "Investigating build failures"}' | jq
I can recommend my lib yagocd for GoCD, which takes care of version incompatibilities and makes working with the GoCD API much easier.
The answer turned out to be very simple: those API actions require GoCD v18.2.0, but I had v18.0.0.
After the upgrade, API calls work as expected.
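
A preflight check for the version requirement named in the last answer, as an added example that is not part of the original posts or of GoCD itself. It assumes the server's version is available as JSON with a "version" field (for instance from GoCD's version API); the function names and both sample responses are constructed.

```shell
#!/bin/sh
# Added example: function names are hypothetical; MIN_VERSION is the version
# the answer above says the pause/schedule API calls require.
MIN_VERSION="18.2.0"

# Constructed sample responses in the assumed shape {"version": "..."}.
OLD_JSON='{"version": "18.0.0", "full_version": "18.0.0 (constructed)"}'
NEW_JSON='{"version": "18.2.0", "full_version": "18.2.0 (constructed)"}'

# version_ge A B: succeed when dotted version A >= B, comparing each
# component numerically (so 18.10.0 is newer than 18.2.0).
version_ge() {
    va=${1%%[!0-9.]*}   # drop any suffix such as "-1234"
    vb=${2%%[!0-9.]*}
    while [ -n "$va" ] || [ -n "$vb" ]; do
        xa=${va%%.*}; xb=${vb%%.*}
        if [ "$va" = "$xa" ]; then va=""; else va=${va#*.}; fi
        if [ "$vb" = "$xb" ]; then vb=""; else vb=${vb#*.}; fi
        [ "${xa:-0}" -gt "${xb:-0}" ] && return 0
        [ "${xa:-0}" -lt "${xb:-0}" ] && return 1
    done
    return 0
}

# gocd_api_supported JSON: 0 when the reported version is new enough,
# 1 when it is too old, 2 when no version could be read.
gocd_api_supported() {
    ver=$(printf '%s\n' "$1" |
        sed -n 's/.*"version"[[:space:]]*:[[:space:]]*"\([^"]*\)".*/\1/p' | head -n 1)
    [ -n "$ver" ] || { echo "no version field in response" >&2; return 2; }
    version_ge "$ver" "$MIN_VERSION" && return 0
    echo "GoCD $ver is older than $MIN_VERSION" >&2
    return 1
}

gocd_api_supported "$OLD_JSON" || echo "upgrade before calling pause/schedule"
```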