Security

Reply
Contributor I
Posts: 25
Registered: ‎05-27-2014

How to access CP API via OAuth2

[ Edited ]

Another question:

I'm trying to access the CP API to manage guest devices.

 

Here is the code I'm trying to use (I'm just trying to get a simple list of devices to start):

#!/local/web/.local/bin/python3.5

import urllib.parse
import httplib2
import json

http = httplib2.Http()

url = 'https://server.example/api/oauth'
body = { "grant_type": "client_credentials", "client_id" : "clrpassiowa", "client_secret" : "<SECRET>", "username" : "itsneg", "password" : "<PASSWDL>" }
headers = { "Content-Type": "application/x-www-form-urlencoded" }

response, content = http.request(url, 'POST', headers=headers, body=urllib.parse.urlencode(body))

content_hash = json.loads((content.decode('utf-8')))

headers = {"Authorization": 'Bearer ' + content_hash['access_token']}

url = 'https://server.example/api/device?filter={}&sort=-id&offset=0&limit=25&calculate_count=false'

response, content = http.request(url, 'GET', headers=headers)

content_hash = json.loads((content.decode('utf-8')))

print(response)
print(content_hash)

I createad an Operator Profile with "Full Access" to the API and assigned to the API Client, it appears I'm getting the access token, but when I make the second call I get the following response:

{'date': 'Fri, 15 Jul 2016 19:11:57 GMT', 'content-length': '149', 'content-type': 'application/problem+json', 'server': 'Apache', 'status': '406', 'x-powered-by': 'PHP/5.6.19'}
{'status': 406, 'type': 'http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html', 'title': 'Not Acceptable', 'detail': 'Cannot honor Accept type specified'}

Any idea what I'm doing wrong ?

 

Thanks

-Neil

 

--
Neil Johnson
Contributor I
Posts: 25
Registered: ‎05-27-2014

Re: How to access CP API via OAuth2

[ Edited ]

I found out it wasn't a permissions issue after all. I simply was not sending an appropriate "Accept:" header.

I had to modify 2nd headers assignment variable to read: 

headers = {"Authorization": 'Bearer ' + content_hash['access_token'],"Accept": 'application/json'}

And now I get my list of Devices.

 

-Neil

 

--
Neil Johnson
Search Airheads
Showing results for 
Search instead for 
Did you mean: