I would like access to the clash of clans API (developer.clashofclans.com) in my Vagrant box but i have an accessDenied "Invalid authorization".
This is because my ip is not allowed but what ip i do put ?
If you running on localhost, you should put your NAT, you can see it here: http://whatismyipaddress.com/
Also, an easy way to know which IP you should put you can do this trick:
Create a api key with stupid ip address
Make a curl request with this token:
curl -X GET --header "Accept: application/json" --header "authorization: Bearer " "https://api.clashofclans.com/v1/clans?name=test"
And you will get a response like this:
{"reason":"accessDenied.invalidIp","message":"Invalid authorization: API key does not allow access from IP XXX.XXX.XXX.XXX"}
Now you know for sure what ip the API is expecting from you :)
Related
I am looking at the Cloudflare API to grab a list of domains in our Cloudflare account.
Where do I grab the Cloudflare "X-Auth-Key" from so I can run the following command:
curl.exe -X GET "https://api.cloudflare.com/client/v4/zones" -H "X-Auth-Email: xx#xx.com" -H "X-Auth-Key: xxx" -H "Content-Type: application/json";
Thanks,
Steve
In order to get a key provided to X-Auth-Key you need to register here
Once registered, go to My profile -> API Tokens tab, there you will be able to generate a key using Create token button.
I need to authenticate admin user via curl command so I can pragmatically add,delete, modify users in wso2
I can call the api end points for user add/mod/delete no problem. But without being able to first authenticate to wso2 it is all for naught. When I send the curl command I get no response back, and nothing shows in the logs.
This is my basic curl command, right out of the books:
curl -X POST "https://xxxxxxx.com:9443/login/portal" -H "Content-Type: application/x-form-urlencoded" -d "username=uid&password=foo&grantType=password"
You can use SCIM APIs with basic authentication to manage users.
If you want to use OAuth2 tokens, you can get them like this.
curl -k -d "grant_type=password&username=<username>&password=<password>"
-u <Consumer_key>:<Consumer_secret>
-H "Content-Type: application/x-www-form-urlencoded"
https://localhost:9443/oauth2/token
[1] https://docs.wso2.com/display/IS530/SCIM+1.1+APIs
My Below API using terminal works fine
curl -v --header "Authorization: Bearer LgiffI2nL4lEiCle" -X POST "https://<my-url>/api/source/loadAccounts/85296"
But When I'm trying the same usimng POSTMAN it's not, why ? I'm getting 403 forbidden
The token expiration time is 1 hour long, so I'm sure token isn't expired.
it is possible that postman's user-agent is not white-listed, while curl's user-agent is white-listed. (and going by the comments, this is probably the case)
another possibility could be that it's an IP block, and your terminal/curl is using an allowed IP (ssh'ed into something?), and you're running postman from a not white-listed IP.
Edit
Incase your App server blocking X-CSRF request and terminal/curl is enabled, you need to install Standalone POSTMAN and use User-Agent: curl/7.52.1
I have a question about how can I configure -H "Host: my.host.com" from gateway to my api.
I have the following logic:
I try to cover, for example, my-api.net via apiman-gateway.
For example, I can do the following direct call to my api like 'curl -X GET --header 'Accept: */*' -H "Host: www.google.com" 'http://my-api.net/accounts?accountNumber=12314123'.
Based on this call, my api will know, that my consumer is google for example. But once I try to make a call via apiman-gateway 'curl -X GET --header 'Accept: */*' -H "Host: www.google.com" 'http://apiman-gateway/GoogleOrganization/API/V1/accounts?accountNumber=12314123', the host is not possible to pass, and implementation of my api tells me that it does not know any host name like already deployed my-api.net. Probably someone can tell me how can I set up for example via policy, probably just to make a call from apiman-gateway to my api with the host parameters like above?
I am new to openstack, trying to use Ceilometer python API to pull some data from a testbed server, I am accessing the server from a remote site
the problem is that I cannot figure out how get the an authorization token
I used the following command
curl -i 'http://HOST:8774/' -X POST -H "Content-Type: application/json" -H "Accept: application/json" -d/tokens auth": {"tenantName": "project", "passwordCredentials": {"username": "user", "password": "password"}}}'
But it does not give me anything,
curl -X GET -H "X-Auth-Token:$MY_TOKEN" http://HOST:8774/tokens
also does not give me any token
From your use of port 8774 I suspect you might be using DevStack. Try this
curl -s -X POST http://$OPENSTACK_KEYSTONE_HOST:5000/v2.0/tokens -d '{"auth": {"passwordCredentials": {"username":"my-username", "password":"my-password"}, "tenantName":"my-tenantName"}}
In DevStack Keystone (the auth service you get tokens from) is running on port 5000 by default. This may or may not be true in your case. Ask your friendly OpenStack operator what host (and port) Keystone is running on and put that in place of $OPENSTACK_KEYSTONE_HOST:5000