I am newbie to synology. I want to access my Synology NAS drive. I followed Synology_Download_Station_Official_API.
I read basic Working example to get API Information:
Step 1: Get API Information
In order to make API requests, you should first request SYNO.API.Info to get the SYNO.API.Auth API
info for session login and SYNO.DownloadStation.Task API info for download task list.
Request:
http://myds.com:5000/webapi/query.cgi?api=SYNO.API.Info&version=1&my=SYNO.API.Auth,SYNO.DownloadStation.Task
I changed myds.com:5000 with mydomain.com:3456
I created GET request but every time my request times out. Am i doing something wrong?
Please guide as i am using it for first time.
I think your request could be wrong, but this doesn't explains why it timeout...
The correct request should be:
http://myds.com:5000/webapi/query.cgi?api=SYNO.API.Info&version=1&method=query&query=SYNO.API.Auth,SYNO.DownloadStation.Task
You can see the correct requests in the Synology documentation at
https://global.download.synology.com/download/Document/Software/DeveloperGuide/Package/DownloadStation/All/enu/Synology_Download_Station_Web_API.pdf
Related
I want to use Apache Nifi to track real time tweets
i pasted in my keys correctly but all requests return this error :
19:15:20 UTC ERROR
GetTwitter[id=59b5cb18-017e-1000-a6a2-991a653ec138] Received error HTTP_ERROR: HTTP/1.1 403 Forbidden. Will attempt to reconnect
i dont know where the problem is from.
thank you.
403 Forbidden means the Twitter API is rejecting your request - your access keys could be incorrect, or you might not have the right access rights for the endpoint you're accessing.
The request is understood, but it has been refused or access is not allowed. An accompanying error message will explain why.
Check that your developer account includes access to the endpoint you’re trying to use. You may also need to get your App allowlisted (e.g. Engagement API or Ads API) or sign up for access.
From https://developer.twitter.com/en/support/twitter-api/error-troubleshooting
Make sure you follow the advice from Twitter here and make note of:
With Essential access, you are only able to make requests to the Twitter API v2 endpoints, and not the v1.1 or enterprise endpoints. You are limited to 500K Tweets/month, and unable to take advantage of certain developer portal functionality such as teams and access to additional App environments
There are limits on what you can do with the Essential access level. See here.
If that doesn't help - please include a screenshot of your GetTwitter config and your version of NiFi.
If it raises 403 error while using GetTwitter processor in nifi.
API Key & consumer key aren't only a problem. Change the Twitter endpoint field while configuring the GetTwitter processor from
Filter Endpoint
to
Firehose Endpoint
In the field of twitter endpoint
Probably this will work!!
after successfully getting past the login page using curl in Linux (bash) with two sites that use information from the HTML-form field to accomplish this, I now also want to login to another site with my credentials that is a bit more tricky. I'm new to this and it seems that it works with OAuth so I need an access token first. With my two successfull attempts it was necessary to extract a CSRF token from the HTML code so as to prove I'm not a malicious bot. But now it's completely different and the server thinks I'm a bot (see error messages below).
Can somebody please confirm whether these are the only steps involved for logging in to an OAuth protected site:
a POST request to the server that generates the token (https://name_of_site/api/v1/auth/token)
a GET request to a password-protected part of the website using the access token from step 1
When I try step 1, I get error messages as shown below*. I inspected the website before logging in and afterwards with a browser and copied everything as cURL (bash). In the header fields of the token request I can find two more fields that look like they provide dynamic information:
x-trace-request-id
x-recaptcha-v3
I did some research and found that the request ID stays the same for some interactions that go to and from a server to facilitate identification of the client(?).
And concerning the recaptcha, I know what a recaptcha is, but I did not have to solve any captchas when accessing the site with a browser. So I'm quite unsure about these bits of information.
I strongly assume that I need to send one or both of these headers in the first step to actually get an acess token. But how could I get valid values for these parameters with cURL?
Any help is aprreciated! Please point me in the right direction. I can provide more information if needed, of course.
{"status":"ERROR","statusCode":400,"data":{"message":"Request failed with status code 400","error":"invalid_grant","error_description":"invalid credential","bot-detection-error":"MissingAdditionalAuthToken"}}
This is the error I get when I do not provide x-trace-request-id and x-recaptcha-v3
{"status":"ERROR","statusCode":400,"data":{"message":"Request failed with status code 400","error":"invalid_grant","error_description":"invalid credential","bot-detection-error":"InvalidCaptchaV3Token"}}This is the error I get when I simply use the values as copied from the old request when I used the browser
I have recorded a login flow of an application and found some URIs like below:
/api/oauth2/initiate GET
/oauth2/authorize GET
/api/v1/oauth2/authorize GET
/api/v1/oauth2/authenticate POST
{"username":"${Username}","password":"${Password}","client_id":"${client_Id}","response_type":"code","redirect_uri":"${scheme}://${host}/api/oauth2/callback","server_id":"${server_Id}"}
When I am hitting above in sequence via JMeter I am getting 200 response. Just like JMeter I tried recording in Postman and it worked same, but instead of JSON it gave response in XML format.
It doesn't generate a access_token, it works via session cookies.
My question is - Do I really have API access or it is just browser record n play? If Yes, Does this mean I can get access to any API, if I am a registered user of that application? For ex: Facebook, YouTube or any startup website.
JMeter works on the protocol level. This means that whatever request you are generating. Say a simple browser request or an API call, you can do that easily.
Now the thing is replicating requests. You don't need to record the requests necessarily using the browser. You need to analyze the few things that are required. Say Postman is generating a request. You specify the things you want to send and you use the API Token there. The same things can be specified there as well. It all depends on how you are understanding the concept of request generation.
You simply need to replicate the samplers and the parameters. And the request headers in postman can be replicated here in the same way.
For each HTTP Request Sampler make sure you add a corresponding child HTTP Header Manager config element.
Headers basically tell the server that what client we are using and in what form data is being sent and then server responds accordingly with the information.
What you're recorded is OAuth2 flow and you won't be able to replay it without correlating the dynamic values.
You can have access to Google API or Facebook Graph API given you have proper access_token but I don't think you should be testing them directly, you should focus on solely your application.
I'm trying to get task info via Active Collab REST API and have a problem.
I got token by login and password and successfully made a request on next URL's:
GET on https://app.activecollab.com/ACCOUNT_ID/api/v1/projects
GET on https://app.activecollab.com/ACCOUNT_ID/api/v1/projects/1
But I receive 404 on:
GET on https://app.activecollab.com/ACCOUNT_ID/api/v1/projects/1/time-records
I found this endpoint in the documentation
https://developers.activecollab.com/api-documentation/v1/projects/elements/time-records/time-records.html
Could you please explain to me what am I doing wrong?
Thank you very much
Time tracking is not enabled by default per project. You can make sure that you enable it when you create a project (or update project's settings), or check whether it is enabled in your code.
To check if it is enabled, you can probe for 404 on /projects/:project_id/time-records API end point, or you can check for is_tracking_enabled property in response that you get from /projects/:project_id API response.
https://new-console.ng.bluemix.net/docs/services/apiconnect/apic_tutorial.html#apic_tutorial_01
Follow previous link to do create loopback project named ibmsvt and do test locally, we can post and get.
then publish this api as running api app on bluemix and we will get api target url and tls file.
type url and tls in api designer invoke, and publish api product again.
check api connect service and we can find that published api product has been published, configure developer portal, and invite developers
login developer portal and register one app
subscribe app to api product and run post command.
We will see that we only get can't post error information...
Please see attachment info for error info and api file.
From the screen capture provided, it looks like you're displaying the logs for the loopback application deployed on bluemix. It also looks like the POST request from APIConnect hit the Bluemix application as well. However, I'm unable to see the exact message of the error. What error did you get when you execute the POST from APIConnect? I suspect the POST did not include the $(request.path), what did you change the invoke url to be ? Can provide the x-ibm-configuration section in your yaml file? It will be located in your /definitions.
Thanks and best regards,
I am just have the exact problem, and struggled for days on redoing the tutorial several times, but still met with the same problem until found the upper reply, and gave me a hint.
In the tutorial, it says like the following:
Update the following fields with the values you copied previously:
Invoke URL: Insert the API target URL. You must specify the secure protocol HTTPS. For example:
apiconnect-ca3283b0-525c-488d-993b-3ab72fca78d0.youremail-dev.apic.mybluemix.net
TLS Profile: Insert the API invoke tls-profile.
For example:
client:Loopback-client
The origininal URL is $(runtime-url)$(request.path)$(request.search).
And the correct URL after updating is like following:
https://apiconnect-ca3283b0-525c-488d-993b-3ab72fca78d0.youremail-dev.apic.mybluemix.net$(request.path)
no slash before $(request.path), and $(request.search) should be deleted.
I also checked a tutorial video, it also do like this, but the screen for this step is passed away very quickly, you will not pay attention to this detail normally.
https://www.youtube.com/watch?v=Qku71JLv8vA&list=PLFa8jnU0KqE2eW5E449ziaurv8obSbcou&index=3&cm_mc_uid=24774488665514672571374&cm_mc_sid_50200000=1468400063