Jamf Nation Community

Spillou · ‎05-21-2024

Hello !

First of all, please excuse me if the questions are found somewhere else, but I can't find clearly the informations needed. Please note that I'm not familiar with API.

As the basic authentication will be soon removed, I already disabled it in Jamf Pro. I checked all my scripts and it seems that it's working fine. However, I have some questions:

1) I read that classic API uses JSSResource as part of the URI. And I have this example to get the department of a computer. I would like to change that so I can use the api/v1 URI but I can't find the exact path. Actually, I get the department this way:

department=$(curl -H "Accept: application/xml" --header "Authorization: Bearer ${token}" "${jssURL}JSSResource/computers/serialnumber/${macSerial}" | xmllint --xpath "string (//computer/location/department)" -)

How should I change this ? And first of all, is it still possible to do this way ?

2) I use keywords in the position and room fields of a computer's inventory. It allows me to put those computers in smartgroups, and it also allows me to set specific configurations depending on their location and/or department using scripts. As an example, I use keywords of some computers in the room part of their inventory to configure the default printer, but I may have to use their department or location for that. One script is better than 22 policies for our 22 copiers... (And it works fine until now). Well, how can I get this still working ? Here is an example of the command used:
meetingRoom1=$(curl -H "Accept: application/xml" --header "Authorization: Bearer ${token}" "${jssURL}JSSResource/computers/serialnumber/${macSerial}" | xmllint --xpath "string (//computer/location/room)" - | grep "meeting1")

3) I could get the computer's informations using https://mycompany.jamfcloud.com/JSSResource/computers/serialnumber/myserialnumber. But it doesn't work anymore as I disable the classic authentication. It ends with an "Unauthorized" error message of course. It helped me a lot when I had to get the path of an information that I wanted to use in a variable (In the examples above, the "//computer/location/department" or the //computer/location/room part). I found in the company's URI /api/doc what it seems that I need, but I have an error 401 when I try to go to (for example) https://mycompany.jamfcloud.com/api/v1/departments and I don't know how to have the authorization like in the /api/doc section for the Jamf API. Is there a way to get the schema of a computer's informations so that I can find what I need to get the information ?

Any information that helps me better understand how it works is welcome.

Olivier

stevewood · ‎05-21-2024

The Classic API, which is identified by the "JSSResource" URI, is still around and still functioning. So you can continue using the scripts you have in place if you have converted them over to bearer token authentication. No need to change. You can get more information about the APIs in use, both Classic API and the Jamf Pro API (JPAPI), on our developer page here. You can also test out the APIs on your server by visiting the Swagger docs for the API at https://<yourserver>.jamfcloud.com/api That URL allows you to authenticate using a user name and password and test different API calls (this is how you can answer #3).

If you wish to convert over to using the JPAPI (identified by .../api/v1 or .../api/v2, etc), know that the output here is JSON so you may need to make other changes to your scripts. The JPAPI is where all new API endpoints are going. No further development is happening against the Classic API, and endpoints from the Classic API are being migrated over to the JPAPI over time.

View solution in original post

stevewood · ‎05-21-2024

The Classic API, which is identified by the "JSSResource" URI, is still around and still functioning. So you can continue using the scripts you have in place if you have converted them over to bearer token authentication. No need to change. You can get more information about the APIs in use, both Classic API and the Jamf Pro API (JPAPI), on our developer page here. You can also test out the APIs on your server by visiting the Swagger docs for the API at https://<yourserver>.jamfcloud.com/api That URL allows you to authenticate using a user name and password and test different API calls (this is how you can answer #3).

If you wish to convert over to using the JPAPI (identified by .../api/v1 or .../api/v2, etc), know that the output here is JSON so you may need to make other changes to your scripts. The JPAPI is where all new API endpoints are going. No further development is happening against the Classic API, and endpoints from the Classic API are being migrated over to the JPAPI over time.

Musicmaker · ‎06-07-2024

Thanks for you info. Last week my API script just worked fine. But since this week It doesn't work anymore.
We make an export from our Mac Devices from Topdesk and have an API script which gets all the devices from Jamf Pro and if found add some information in extension attributes (hostname, department, user etc).
But my result log says "The request requires user authentication".

When I visit the Swagger docs and test the account which is used in the script I get "Authorized. Token succesfully generated!"
FYI: my script isn't converted to bearer token authentication yet.

Spillou · ‎06-10-2024

Hello !

It's a long time now that Jamf said that they will disable basic authentication. With Jamf Pro 11.5.0, they did it: https://learn.jamf.com/en-US/bundle/jamf-pro-release-notes-current/page/Deprecations_and_Removals.ht...

Musicmaker · ‎07-08-2024

In the meanwhile I've change my script to bearer token authentication. Works like a charm.

stevewood · ‎05-21-2024

As an example for #3, the API endpoint is the computers-inventory endpoint and you would want the "USER_AND_LOCATION" section. The URI would look like the following:

https://<yourserver>.jamfcloud.com/api/v1/computers-inventory/<deviceID>?section=USER_AND_LOCATION

Spillou · ‎05-29-2024

Thank you all for the informations !
And happy to hear that the JSSResource is still working.

Jamf Nation Community

Questions about the new Jamf Pro API