Classic API Authentication Changes - Using bearer token with classic API

akamenev47
Contributor II

Not sure if anybody have seen, but with the 10.35.0 Jamf Pro version, it seems like classic API can be used with the bearer token authentication: https://developer.jamf.com/jamf-pro/docs/classic-api-authentication-changes 

 

When I am trying to use the code samples to simply get all sites from JSS with a simple curl command:

apiURL="JSSURL"
username="USERNAME"
password="PASSWORD"

# created base64-encoded credentials
encodedCredentials=$( printf "$username:$password" | iconv -t ISO-8859-1 | base64 -i - )

allSiteData=`curl -X GET \
	$apiURL/JSSResource/sites/ \
	--header 'authorization: Basic $encodedCredentials'`

echo "AllsiteData is: $allSiteData"

 

I get:

% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 422 100 422 0 0 2562 0 --:--:-- --:--:-- --:--:-- 2740
AllsiteData is: <html>
<head>
<title>Status page</title>
</head>
<body style="font-family: sans-serif;">
<p style="font-size: 1.2em;font-weight: bold;margin: 1em 0px;">Unauthorized</p>
<p>The request requires user authentication</p>
<p>You can get technical details <a href="http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.2">here</a>.<br>
Please continue your visit at our <a href="/">home page</a>.
</p>
</body>
</html>

 

Anybody tried this out yet / any suggestions?

 

Ahoy!
1 ACCEPTED SOLUTION

bartlomiejsojka
Contributor

Your issue is not related in any way with the token–based auth.

Shell will not resolve your $encodedCredentials variable within single quotes. Use double quotes instead. Also, I believe you’ll need to remove redundant / after sites endpoint you’re trying to query. It would only be required when querying particular site, like /sites/id/1.

If you’d like to test bearer token auth, you’d need to use Authorization: Bearer, not Basic, and provide the actual token (quite long, over 300 chars) obtained via Jamf Pro API.

View solution in original post

3 REPLIES 3

andrew_nicholas
Valued Contributor

Have you tried using just the value generated from ecodedCredentials rather than trying to reference the variable itself? I believe text encapsulated in '' will be evaluated statically so you'd just be passing $encodedCredentials rather than the actual string needed. Even in those samples they reference things with place holders like "YOUR_CREDENTIALS" rather than variables, so I'm thinking that might be the problem.

bartlomiejsojka
Contributor

Your issue is not related in any way with the token–based auth.

Shell will not resolve your $encodedCredentials variable within single quotes. Use double quotes instead. Also, I believe you’ll need to remove redundant / after sites endpoint you’re trying to query. It would only be required when querying particular site, like /sites/id/1.

If you’d like to test bearer token auth, you’d need to use Authorization: Bearer, not Basic, and provide the actual token (quite long, over 300 chars) obtained via Jamf Pro API.

Hugonaut
Valued Contributor II

@akamenev47  - this coming Friday, @chadlawson (Jamf Integrator) - is doing a live demo / keynote on this  - https://community.jamf.com/t5/virtual-mac-admins-meetup/march-virtual-mac-admin-meetup/ev-p/258505

________________
Looking for a Jamf Managed Service Provider? Look no further than Rocketman
________________


Virtual MacAdmins Monthly Meetup - First Friday, Every Month