I am just studying the Thingsboard IoT platform features.
And we know that to retrieve JWT Token for a user, we should POST following API command,
curl -X POST --header "Content-Type: application/json" --header "Accept: application/json" -d "{"username":"xxxxx#gmail.com", "password":"xxxxxx"}" "https://thingsboard.cloud/api/auth/login"
The timeout for this JWT token is set to "9000" sec by default.
How can we modify this Token expiry time?
Your help would be appreciated.
Thank you.
This should be configured as part of security.jwt.tokenExpirationTime
https://thingsboard.io/docs/user-guide/install/config/
You should probably need to use the refresh token to keep your session logged in via /auth/token
Related
I am trying to invoke the below API for my company's github repo. I generated my personal token for the api as mentioned below
https://docs.github.com/en/enterprise-server#3.8/rest/users/users
curl
-H "Accept: application/vnd.github+json"
-H "Authorization: Bearer "
-H "X-GitHub-Api-Version: 2022-11-28"
https://github.xyzcompany.com/users/testusr
And response is an html citing the lack of SSO info in the curl request
You are being redirected.%
How do I invoke the APIs in a SSO SAML scenario?
We need to allow our Flutter application to save a property in the user_metadata when the application starts.
As I understand this is a task to be done with the Management API and in order for the Flutter application to be able to write in the user_metadata the client has to request a Management API access token.
I found no information on how to request this token, the closest thing is this page in the documentation that has no example and no explanation on how to retrieve this token:
https://auth0.com/docs/secure/tokens/access-tokens/get-management-api-tokens-for-single-page-applications
Can anyone provide an example on how to request this token from a Flutter app?
Even a generic CURL request would be helpful to understand what endpoint to call with which parameters.
Error received when trying to access the Management API to update the user_metadata:
body{
"statusCode":400,
"error":"Bad Request",
"message":"Bad HTTP authentication header format",
"errorCode":"Bearer"
}
2 steps are needed:
Get the authentication token for management API:
sample curl:
curl --location --request POST "https://YOUR_AUTH0_DOMAIN/oauth/token" \
--header "content-type: application/json" \
--data-raw "{
\"grant_type\": \"client_credentials\",
\"audience\": \"https://YOUR_AUTH0_DOMAIN/api/v2/\",
\"client_id\": \"YOUR_AUTH0_APPLICATION_CLIENT_ID\",
\"client_secret\": \"YOUR_AUTH0_APPLICATION_CLIENT_SECRET\"
}"
call the management api to update app_metadata
sample curl:
curl --request PATCH \
--url 'https://YOUR_AUTH0_DOMAIN/api/v2/users/USER_ID' \
--header 'authorization: Bearer TOKEN_FROM_STEP_1' \
--header 'content-type: application/json' \
--data '{"email": "whatever#example.com", "user_metadata": {"hobby": "surfing"}, "app_metadata": {"plan": "full"}}'
Edit: Patch request with userID
Hi I'm trying to use the Keycloak API but I don't understand very well how it works. I want to obtain all the users of a realm. So I first obtain a token using this endpoint: /realms/master/protocol/openid-connect/token with this params in the request body:
client_id
grant_type
username
password
client_secret
The first question is: What client should I use?
Then I call this endpoint: /admin/realms/master/users with the token in the Authorization header, but I get a 403 status code and I don't understand why.
Thanks
You need two steps
first get an access token from the admin-cli client of the master realm
second call the admin rest api with the access token, set Bearer as prefix in the
Authorization header.
# get an access token
curl -X POST \
https://<HOST>/auth/realms/master/protocol/openid-connect/token \
-H 'Accept: application/json' \
-H 'Content-Type: application/x-www-form-urlencoded' \
-H 'cache-control: no-cache' \
-d 'grant_type=password&username=<USERNAME>l&password=<PASSWORD>&client_id=admin-cli'
# get all users of gateway realm, use the token from above and use Bearer as prefix
curl -X GET \
https://<HOST>/auth/admin/realms/gateway/users \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkI...' \
-H 'cache-control: no-cache'
Generally: 403 = you don't have permissions to perform requested action (to view users in this particular case). You need to define Client Roles (realm-management) for used user/client and assign right role (view-users role in this case):
Keycloak 17+ UI:
Or Keycloak 17+ UI - client with Service Accounts Enabled enabled:
Keycloak 17- UI:
I'm attempting to do a POST to a bucket via API. I have an API key, and I have a client-id and secret. What should be included in the header for authentication to my bucket for a simple post?
If you are trying to do a POST with the RESTful API you should add an "Authorization: Bearer [OAUTH2_TOKEN]". I recommend on following the Quickstart on Uploading Objects with Rest API which guides you on how to achieve this and searching the OAuth 2.0 playground to get the Token
Taken from the guide:
curl -X POST --data-binary #[OBJECT] \
-H "Authorization: Bearer [OAUTH2_TOKEN]" \
-H "Content-Type: [OBJECT_CONTENT_TYPE]" \
"https://www.googleapis.com/upload/storage/v1/b/[BUCKET_NAME]/o?uploadType=media&name=[OBJECT_NAME]"
Trying to test Uber Rush API (from localhost and from linux server).
Calling Token works - I get the token
trying to implement sanbox example:
curl -X "PUT /v1/sandbox/deliveries/{delivery_id}" \
-H "Authorization: Bearer <OAUTH TOKEN>" \
-d "{\"status\":\"en_route_to_pickup\"}"
with url https://sandbox-api.uber.com/
and I tried the same request with file_get_contents (in PHP)
So, I always get error "405 Method Not Allowed"
{"message":"Method not supported for this endpoint.","code":"method_not_allowed"}
What I need to do to get access to method from this sandbox example https://developer.uber.com/docs/rush/sandbox?
Corrent syntax
curl -X "PUT" -H "Authorization: Bearer <TOKEN>" -H "Content-Type: application/json" -d "{\"status\":\"en_route_to_pickup\"}" https://sandbox-api.uber.com/v1/sandbox/deliveries/DELIVERY_ID
EDIT: Updated to reflect both issues in your question...
You have a mismatch in your requests and an incorrect syntax for curl.
First off your CURL request is incorrectly specified. It should be:
curl -X "PUT" -H "Authorization: Bearer <OAUTH TOKEN>" -d "{\"status\":\"en_route_to_pickup\"}" https://sandbox-api.uber.com/v1/sandbox/deliveries/{delivery_id}
In addition, your curl command is trying to issue a PUT request to the uber sandbox PUT API. However, your PHP code is not setting the context correctly and so is probably issuing a GET request. I suspect that the server is therefore rejecting the request as a GET as not allowed to do this sort of operation.
To fix it, see Bad request using file_get_contents for PUT request in PHP. This should give you an example of how to pass in the necessary context to issue a PUT request using file_get_contents().