Skip to main content
Solved

API result return as blank

EmreU
Forum|alt.badge.img+6
  • EmreU
  • Contributor
  • 19 replies

 

Greetings all,

Until last JAMF Pro update i had no issue with the script below. But as of today, the script returning blank result without error. Any idea ? 

 

 

APIUsername="" APIuserpassword="" JAMFServer="" EAID1=69 JAMFAPIToken=$(curl -X POST -u $APIUsername:$APIuserpassword -s $JAMFServer/api/v1/auth/token | plutil -extract token raw -) DeviceSerialNumber=$(system_profiler SPHardwareDataType | awk '/Serial/ {print $4}') curl -u $APIUsername:$APIuserpassword -H "Accept: application/xml" $JAMFServer/JSSResource/computers/serialnumber/$DeviceSerialNumber/subset/extension_attributes | xpath -e \\ "//*[id=$EAID1]/value/text()" 2>/dev/null

 

Best answer by ivanlovisi

i see that you use the basic authentication method for your API command, since version 11.5 it is no longer supported. try making your API cal with Bearer Token Authentication.

View original
    Did this topic help you find an answer to your question?

    3 replies

    I
    Forum|alt.badge.img+7
    • ivanlovisi
    • Contributor
    • 37 replies
    • Answer
    • August 19, 2024

    i see that you use the basic authentication method for your API command, since version 11.5 it is no longer supported. try making your API cal with Bearer Token Authentication.

    EmreU
    1 person likes this
    • EmreU
      EmreU
    EmreU
    Forum|alt.badge.img+6
    • EmreU
    • Author
    • Contributor
    • 19 replies
    • August 20, 2024
    ivanlovisi wrote:

    i see that you use the basic authentication method for your API command, since version 11.5 it is no longer supported. try making your API cal with Bearer Token Authentication.


    You're right ! i missed that part. Now all fine. 

    APIUsername="" APIuserpassword="" JAMFServer="" EAID1=69 JAMFAPIToken=$(curl -X POST -u $APIUsername:$APIuserpassword -s $JAMFServer/api/v1/auth/token | plutil -extract token raw -) DeviceSerialNumber=$(system_profiler SPHardwareDataType | awk '/Serial/ {print $4}') curl -X GET -H "Authorization: Bearer $JAMFAPIToken" "Accept: application/xml" $JAMFServer/JSSResource/computers/serialnumber/$DeviceSerialNumber/subset/extension_attributes | xpath -e \\ "//*[id=$EAID1]/value/text()" 2>/dev/null or better one :) xmlquery=$(curl -X GET -H "Authorization: Bearer $JAMFAPIToken" "Accept: application/xml" $JAMFServer/JSSResource/computers/serialnumber/$DeviceSerialNumber/subset/extension_attributes) EAQuery=$(echo $xmlquery | xpath -e "//*[id=$EAID1]/value/text()" 2>/dev/null)
    Tangentism
    Forum|alt.badge.img+10
    • Tangentism
    • Honored Contributor
    • 144 replies
    • August 20, 2024
    EmreU wrote:

    You're right ! i missed that part. Now all fine. 

    APIUsername="" APIuserpassword="" JAMFServer="" EAID1=69 JAMFAPIToken=$(curl -X POST -u $APIUsername:$APIuserpassword -s $JAMFServer/api/v1/auth/token | plutil -extract token raw -) DeviceSerialNumber=$(system_profiler SPHardwareDataType | awk '/Serial/ {print $4}') curl -X GET -H "Authorization: Bearer $JAMFAPIToken" "Accept: application/xml" $JAMFServer/JSSResource/computers/serialnumber/$DeviceSerialNumber/subset/extension_attributes | xpath -e \\ "//*[id=$EAID1]/value/text()" 2>/dev/null or better one :) xmlquery=$(curl -X GET -H "Authorization: Bearer $JAMFAPIToken" "Accept: application/xml" $JAMFServer/JSSResource/computers/serialnumber/$DeviceSerialNumber/subset/extension_attributes) EAQuery=$(echo $xmlquery | xpath -e "//*[id=$EAID1]/value/text()" 2>/dev/null)

    Going forward, its best practice to use a function to get a token, one to check if the token is still valid and another to invalidate the token.

    Then if you're doing multiple queries that might take longer than the timeout you set in the API Role, instead of getting a new token, you can check if its still valid and it will regen a new one if not. Then as part of the clean up, you invalidate it.

     

    # JAMF Cloud details jamf_url="${4:-}" # API login details client_id="${5:-}" client_secret="${6:-}" # Establish API token. API session is set in API client and roles section get_access_token() { response=$(/usr/bin/curl \\ --silent \\ --location \\ --request POST "${jamf_url}/api/oauth/token" \\ --header "Content-Type: application/x-www-form-urlencoded" \\ --data-urlencode "client_id=${client_id}" \\ --data-urlencode "grant_type=client_credentials" \\ --data-urlencode "client_secret=${client_secret}") current_epoch=$(date +%s) access_token=$(echo "$response" | plutil -extract access_token raw -) token_expires_in=$(echo "$response" | plutil -extract expires_in raw -) token_expiration_epoch=$((+-1)) } check_token_expiration() { current_epoch=$(date +%s) if [[ $token_expiration_epoch -ge $current_epoch ]]; then echo "Current epoch time: $current_epoch" echo "Token valid until the following epoch time: " "$token_expiration_epoch" else echo "No valid token available, getting new token" get_access_token fi } invalidate_token() { responseCode=$(/usr/bin/curl \\ -w "%{http_code}" \\ -H "Authorization: Bearer ${access_token}" $jamf_url/api/v1/auth/invalidate-token \\ -X POST \\ -s -o /dev/null) if [[ ${responseCode} == 204 ]]; then echo "Token successfully invalidated" access_token="" token_expiration_epoch="0" elif [[ ${responseCode} == 401 ]]; then echo "Token already invalid" else echo "An unknown error occurred invalidating the token" fi } # ----------------------------------------------------------------------------- # OPERATIONS # ----------------------------------------------------------------------------- check_token_expiration # Do some API queries # Do some more that take longer than 60 seconds check_token_expiration # clean up invalidate_token

    Reply


    Most helpful members this week

    Terms & ConditionsCookie settingsAccessibility statement

    Cookie policy

    We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

     
    Cookie settings