1. Access the A2A>Applications and on the right menu click on new.
2. On the new screen, define the application name and under “Use OAuth signature” select ‘OAuth 2.0’, a description and tags for targeting can also be added.
3. To add authorizations, click on the three dot icon and go to 'Authorization s’.
4. On the new screen click on the three dots icon and click on ‘New’.
5. In ‘Settings’ the expiration date will be defined, if the 'Expiration date’ field is left blank, the authorization will not have an expiration date.
6. In the tab “Security” will be defined which modules the API key will have access, if it is for querying credential passwords select “PAM”. It will also be defined if it can create credentials and devices in ‘Read and write’ or read only in “Read-only”.
7. In the tab ‘Credentials’ the credential will be added, in this example Debian 11 will have access to ID 28. In the tab “Protected Informations” can be added protected information.
8. To view the API keys that will be used in a request, access the three-bar icon.
9. A new screen will be displayed with the information.
Consumption via cURL
OAuth 1.0
- Request App2App. Replace the fields:
<senhasegura_ip_or_domain>
<REQUEST>
<CONSUMER_KEY>
<TOKEN>
curl -s -k "https://<senhasegura_ip_or_domain>/<REQUEST>?&oauth_consumer_key=<CONSUMER_KEY>&oauth_token=<TOKEN>&oauth_signature=-"
Example | query id “7” credential password:
OAuth 2.0
- Request Token challenge to receive the dynamic token. Replace the fields:
<CLIENT_ID>
<CLIENT_SECRET>
<senhasegura_ip_or_domain>
curl -d "grant_type=client_credentials&client_id=<CLIENT_ID>&client_secret=<CLIENT_SECRET>" "https://<senhasegura_ip_or_domain>/iso/oauth2/token" -s --show-error -X POST
Example | returned token:
eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImp0aSI6IjY2NDkyMzRiZGQ5NDZlZGVlODQxMWEyMWMzYTAxM2E1OGI1MWExZWZiMDNlZDA2Yzk5ZDYwMGE1ZDlhOWMwYzEyYjExN2E2ZmY2M2E0NzA5In0.eyJhdWQiOiI2Njk5YmE0NTEwYzc4ZjRkMjEwNjcyNmZjM2U5MjIzNzA1ZmY3MTViYSIsImp0aSI6IjY2NDkyMzRiZGQ5NDZlZGVlODQxMWEyMWMzYTAxM2E1OGI1MWExZWZiMDNlZDA2Yzk5ZDYwMGE1ZDlhOWMwYzEyYjExN2E2ZmY2M2E0NzA5IiwiaWF0IjoxNjMyMzMzNzMzLCJuYmYiOjE2MzIzMzM3MzMsImV4cCI6MTYzMjMzNzMzMywic3ViIjoiTnpRd016WWthMFl5UTJ0TFlYcExhM1p5TTB4S1JUVndaRlZQZEVaSGMzUkViV3gyWjJKamFXTnZSMUYzWjBkTlp6MD0iLCJzY29wZXMiOltdfQ.bIr67Hw7poiXnZLomL3nth3K5LscGFSDUvZQrLeCmKereTeysiX0nLfZeAwdM07q-QkabYjMN7rYshXkmR-I9rlrDQpwpM_9QHjqvMwdztgNQLWZxXb5xTrtQMl4jqNAv9eSceo425-Rs0lU58OR9QGruWhfqF1kP5Zy7sUbPaNtOLCdH-tKFEIs-99DfW7aM0m0695awUrs-NZjbjE-JzHtNu1W_HqAHYMLEOK00PDlkWkzWsj59-thK6kNHuphVpVLGbfoWJ5SUMwDhLSy_Mn6Ae8CroWIOb3ZsqHPJFDQ--lq7Inb4sihoSGAksBj7PkVTxr8FZwV5tAYHu0dAg
- Request App2App. Request the fields:
<OAUTH2.0_TOKEN>
<senhasegura_ip_or_domain>
<REQUEST>
curl -H "Authorization: Bearer <OAUTH2.0_TOKEN>" "https://<senhasegura_ip_or_domain>/<REQUEST>"
Example | query id “7” credential password:
Hint: if the SSL error shows up, add -k parameter in the cURL command execution.