When calling the keycloak REST api (see below) the output value is a string of asterisks (stars) - is it possible to get this information in clear text?
curl \
--silent \
--request GET \
-H "Authorization: bearer <MYACCESSTOKEN>" \
--header 'Content-Type: application/x-www-form-urlencoded' \
"http://keycloakserver:8180/auth/admin/realms/myrealm/clients/<MYCLIENTID>/client-secret"
returns/output:
{"type":"secret","value":"**********"}
How can it be retrieved in a text (not stars) format?
The client is configured with:
clientt protocol: openid-connect
access type: confidential
standard flow: enabled
First, you need to generate the secret. Either via Admin Console:
Or via keycloak REST api, in your case (using POST instead of GET):
curl \
--silent \
--request POST \
-H "Authorization: bearer <MYACCESSTOKEN>" \
--header 'Content-Type: application/x-www-form-urlencoded' \
"http://keycloakserver:8180/auth/admin/realms/myrealm/clients/<MYCLIENTID>/client-secret"
Related
It is possible to list GitHub repository secrets via the REST API. For example:
!curl \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer KEY"\
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/repos/ORG/REPO/actions/secrets
I do not see any way to get metadata about secrets using the GraphQL API.
I am trying to refresh the PayPal access token using the refresh token, I have checked that my credentials are right and I am using sandbox credentials.
Here is my curl request
curl --location --request POST 'https://api-m.sandbox.paypal.com/v1/oauth2/token' \
--header 'Authorization: Basic QWNRamY0eHFfOS1JWkpSM3htNURac2hteFhvTFNRb1h3SnZvbFJCM0pfZ0RpcnZpLXFKd21yX2JlYUhRV2gtS2NfRGFOZ19sWXJ1clk3UGw6RUlQVlpRekFqSkZRTmIyTXdsenYtYnRPR2pxejBFUHN5UHpKWF9ObllMSnkydnM3TEFZczBiNGNuUG9ScGZ6RWQ4ZG1manNnelsswrfgth4eGpmTHk=' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=refresh_token' \
--data-urlencode 'refresh_token=R23.AAJhMawaln1gQ_bkXioY9SG_Xp5X6CENyIBIcw7F-ocj37o5Io9LN8PKd9EcreWbaQk6LQQuUBXWQmMMaTWokK5eFcD1b0SUjYzS1-YCFLId4vKGmk1q7cELtQc5J477scwsk7cXJEuHwXng-vebMlw'
it gives me the response of invalid refresh token and no consent were granted.
{"error":"invalid_refresh_token","error_description":"No consent were granted"}
access token request:
curl --location --request POST 'https://api-m.sandbox.paypal.com/v1/oauth2/token' \
--header 'Authorization: Basic QWNRamY0eHFfOS1JWkpSM3htNURac2hteFhvTFNRdddb1h3SdsdnZvbFJCM0pfZ0RpcnZpLXFKd21yX2JlYUhRV2gtS2NfRGFOZ19sWXJ1clk3UGw6RUlQVlpRekFqSkZRTmIyTXdsenYtYnRPR2pxejBFUHN5UHpKWF9ObllMSnkydnM3TEFZczBiNGNuUG9ScGZ6RWQ4ZG1manNnelh4eGpmTHk=' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=authorization_code' \
--data-urlencode 'code=C21AAL7QWYekW8pCXkw9xIlsicTcxlytFJfhNCqk3Fvt-WSsjdgpnJF5U5jbP_NB_0xRqOFdSbjdRkcvyDefsoK8Oui6gqj0A'
Any idea how to solve this ?
I have been trying to generate an IBM Cloud IAM token using the following command:
curl -ik -X POST --header "Content-Type: application/x-www-form-urlencoded" --header "Accept: application/json" --data-urlencod
e "grant_type=urn:ibm:params:oauth:grant-type:apikey" --data-urlencode "apikey=rzQV6ahSbPLzXjzhzuAEtbXXXXXXXXXXXXXXXX" --data-urlencode "response_type=cloud_iam,uaa&uaa_client_id=cf&uaa_client_secret=" "https://iam.ng.bluemix.net/oidc/passcode"
But it keeps giving me 405 method not allowed. What is the right way to generate the token? Is there any documentation which could be followed?
The problem is with the endpoint you are using. Here's the working curl command to generate an IBM Cloud IAM token
curl -ik -X POST \
--header "Content-Type: application/x-www-form-urlencoded" \
--header "Accept: application/json" \
--data-urlencode "grant_type=urn:ibm:params:oauth:grant-type:apikey" \
--data-urlencode "apikey=<APIKEY>" \
"https://iam.cloud.ibm.com/identity/token"
You can generate an IAM token by using either your IBM Cloud API key or a service ID's API key.
Here's the link to the documentation
I am writing an application to fetch query logs from google cloud sql using stack driver monitoring. I am able to retrieve the logs using API explorer. I will be using a curl call to download the logs.
curl --header "Authorization: Bearer ACCESS_TOKEN" --header
'Content-Type: application/json' --header 'x-referer:
https://developers.google.com' -X POST --data
'{"resourceNames":["projectname"],"filter":"logName=logname"}'
"https://content-logging.googleapis.com/v2/entries:list?fields=entries(jsonPayload%2ClogName%2Coperation%2CreceiveTimestamp%2CtextPayload%2Ctimestamp)&key=APIkey"
API key is available in the interface. I have downloaded the json with client details. But I am not able to find any documentation on how to generate ACCESS_TOKEN in this case. Can someone please help me on this?
You can try:
curl -H "Authorization: Bearer "$(gcloud auth application-default
print-access-token) ...
or set:
ACCESS_TOKEN="$(gcloud auth application-default print-access-token)"
and then:
curl --header "Authorization: Bearer ${ACCESS_TOKEN}" ...
There appears to be an endpoint on the Wunderlist API for updating the wunderlist user (at https://a.wunderlist.com/api/v1/user) which does not appear in the official docs
User information can be updated by sending a PUT request to it, e.g. :
curl \
-H "X-Access-Token: $WL_ACCESS_TOKEN" \
-H "X-Client-ID: $WL_CLIENT_ID" \
-H "Content-Type: application/json" \
-XPUT -d '{"revision":1234,"name":"some-name"}' \
https://a.wunderlist.com/api/v1/user
Assuming the data is valid, this returns with HTTP 200.
Is this endpoint supported?