Skip to main content
Question

Creating an Authorization Token With JAMF Pro API - Help would be greatly appreciated

  • July 15, 2019
  • 10 replies
  • 139 views
M
Forum|alt.badge.img+3

I'm trying to use JAMF Pro API. In order to use it is required to generate an authentication token that will be passed with request.
I am coding this in Swift for an App. I have done this successfully with Classic API but can’t get it to work in JAMF Pro API I am having difficulty generating this authentication token and have not found documentation to help.

Here is what I did find.

  • Thread that gives a basic outline of how it is done. discussion

  • In the discussion this is how it said that it should be done.

We're working to get some official documentation up on the Developer Portal for the Jamf Pro API. In the meantime, you can request a token by sending a POST to _uapi_auth/tokens with the header “Authorization: Basic YOUR_CREDENTIALS” where YOUR_CREDENTIALS is base64 encoded credentials for an appropriate Jamf Pro server account. You'll receive a response back containing a token and an expiration epoch. You can use the generated token to make calls to any other Jamf Pro API endpoint by including it in a header using the format “Authorization: jamf-token <TOKEN_VALUE>”.

I followed the instructions

Here is the Swift code

let credentialData = "(user):(password)".data(using: String.Encoding.utf8)!
let base64Credentials = credentialData.base64EncodedString()

let sessionConfig = URLSessionConfiguration.default
let session = URLSession(configuration: sessionConfig, delegate: nil, delegateQueue: nil)

guard let url = URL(string: "https://xxxeval.jamfcloud.com/uapi/auth/tokens") else {return}
var request = URLRequest(url: url)
request.httpMethod = "POST"
request.addValue("Authorization: Basic (base64Credentials)", forHTTPHeaderField: "Authorization")

I get back a 401 - Authentication failed. Verify the credentials being used for the request.

If anyone can help with a working example or point me where I can find documentation or just offer some information, I would greatly appreciate it.

As it is now I am at my wits end.

Thanks

E

10 replies

talkingmoose
Forum|alt.badge.img+36
  • talkingmoose
  • Community Manager
  • July 15, 2019

I have a GitHub gist that may help. It’s for using curl, but you may find it useful.

https://gist.github.com/talkingmoose/327427d23b422000f9d17183f8ef1d22

M
gabe2385
T
M
Forum|alt.badge.img+3
  • menashehertz
  • Author
  • New Contributor
  • July 15, 2019

@talkingmoose Thanks for sharing.

I now have a starting point to substitute my info and see if I get back a token.

jphillips
Forum|alt.badge.img+11
  • jphillips
  • Valued Contributor
  • July 15, 2019

@talkingmoose Thanks for the script.. I've just started messing around with API'ing prestige assignments and this helps immensely.

I am having an issue though: after inputting my own details I'm getting back a 404 from script. At /uapi/doc, under the get prestige by ID, I input the ID of the prestage and clicked Try it out. I still get a 404 that it can't be found, however the response body comes back as successfully and lists all of the prestage's correct information (so it does exist). Running 10.13 on cloud.

Is there a bug I'm not aware of with this 404?

talkingmoose
Forum|alt.badge.img+36
  • talkingmoose
  • Community Manager
  • July 15, 2019

@jphillips, a 404 means content can’t be found. Since you’re not receiving a 401, which means not authorized, you’re probably authenticating just fine but there’s a problem in your URL (maybe a misspelling or you’re using the wrong ID) or you may be requesting XML when you need to request JSON.

Which endpoint are you trying to use?

jphillips
Forum|alt.badge.img+11
  • jphillips
  • Valued Contributor
  • July 16, 2019

@talkingmoose Nevermind.. I just realized my idiocy: the endpoint /mobile-device-prestages/id/scope does not exist on 10.13.

N
Forum|alt.badge.img+3
  • nanfay
  • New Contributor
  • March 6, 2020

@talkingmoose Thanks for sharing - that was huge help. I had about 1900 iPads that needed to be moved from one PreStage into multiple PreStages, and the names are all based by serial number so very tedious if I hadn't been able to script it. Your gist gave me the starting point I needed. Project completed - Happy Friday!

talkingmoose
E
Forum|alt.badge.img+5
  • eaititig
  • Contributor
  • June 17, 2021

Yeah, I'm trying to do the same thing. I can use the Classic API with curl/PHP but I want to write an iOS app in Swift and I can't get that token ... so failed at the first step. I get 401 when using the base64 of the username:password as Basic Auth

Maybe the API doesn't work on cloud instances?!?

jphillips
Forum|alt.badge.img+11
  • jphillips
  • Valued Contributor
  • June 17, 2021

The API works fine with Swift and Cloud instances as we have been using it extensively since this thread. The thing that really helped me figure out how it all worked was to look at MUT's open-source code and how it retrieved the token: https://github.com/mike-levenick/mut

U
Forum|alt.badge.img+1

Special characters are not supported in the passwords when using the API. i got this response from JAMF support.

leslie_h
Forum|alt.badge.img+14
  • leslie_h
  • Employee
  • June 18, 2021

Special characters are fine. Depending on the language you're coding in you may need to manually encode them.

Terms & ConditionsCookie settingsAccessibility statement