To authenticate API calls, you must first generate a session to get a token. Then you must send the session token as the value of the X-Auth-Token header to authenticate API calls.
To create a session you first need to manually generate an API Key. This is a key/value pair that can be generated in the API Access page. When you click Generate New API Key, a popup will be displayed with the API Key Value and in the table of Active Keys you can find the API Key ID. This is then sent via Basic Authentication in a POST call to the sessions route.
I followed this Api Documentation of deepcrawl already but what am I doing wrong?
I have X-Auth-Token and API KEY ID where should I put this?
$deephead = "X-Auth-Token: asdjasiojqoieuqiouwqpofoqwojeq";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://api.deepcrawl.com/sessions");
curl_setopt($ch, CURLOPT_POST, TRUE);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ch, CURLOPT_HTTPHEADER, $deephead);
// Get the response
$response = curl_exec($ch);
// Close cURL connection
curl_close($ch);
// Decode the response (Transform it to an Array)
$result = json_decode($response);
//debug the response
dd($result);
The I can't even get to CURLOPT_GET cause at my post I only get null value. Any idea/thoughts how can I fix this. Thank you in advance.
DeepCrawl API
It looks like you are trying to generate a token, which it looks like you already have.
To authenticate API calls, you must first generate a session to get a
token. Then you must send the session token as the value of the
X-Auth-Token header to authenticate API calls.
To create a session you first need to manually generate an API Key.
This is a key/value pair that can be generated in the API Access page.
When you click Generate New API Key, a popup will be displayed with
the API Key Value and in the table of Active Keys you can find the API
Key ID. This is then sent via Basic Authentication in a POST call to
the sessions route.
curl -X POST -u '123:abcdef' https://api.deepcrawl.com/sessions {
"token":"abcdef123", "_user_href":"/users/example-user", ... }
Not the clearest, but it's right there.
$headers = [
'Content-Type: application/x-www-form-urlencoded',
'accept: text/html'
];
$username='yourusername';
$password='supersecret';
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://api.deepcrawl.com/sessions");
curl_setopt($ch, CURLOPT_USERPWD, "$username:$password");
curl_setopt($ch, CURLOPT_POST, TRUE);
curl_setopt($ch, CURLOPT_POSTFIELDS, "root=1");
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
// Get the response
$response = curl_exec($ch);
// Close cURL connection
curl_close($ch);
// Decode the response (Transform it to an Array)
return json_decode($response);
That will return something like
{
"token":"abcdef123",
"_user_href":"/users/example-user",
...
}
Since you already have the token, you don't need ot hit session. you can just make your calls.
$headers = [
'X-AUTH-TOKEN: your-api-key',
'accept: text/html'
];
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://api.deepcrawl.com/system_statuses");
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
// Get the response
$response = curl_exec($ch);
// Close cURL connection
curl_close($ch);
// Decode the response (Transform it to an Array)
return json_decode($response);
Related
Suppose i have an api key and by this api key i want to fetch data this is my code.
$apiKey = 'admin#123';
$headers = array(
'Content-Type:application/json',
'Authorization: '.$apiKey
);
$payload = array(
'id' => 1,
);
$process =
curl_init('http://localhost/codeigniterapi/api/example/user_fetch');
curl_setopt($process, CURLOPT_HTTPHEADER, $headers);
curl_setopt($process, CURLOPT_HEADER, 1);
curl_setopt($process, CURLOPT_TIMEOUT, 30);
curl_setopt($process, CURLOPT_POST, 1);
curl_setopt($process, CURLOPT_POSTFIELDS, $payload);
curl_setopt($process, CURLOPT_RETURNTRANSFER, TRUE);
$return = curl_exec($process);
curl_close($process);
print_r($return);
But it shows an error charset=utf-8 {"status":false,"error":"Invalid API key "} but this api work perfectly on postman using same key
Sending the authorization header with the request requires you to add a bearer and a token.
If you used postman to test the request, you prolly entered the username and password in the "Authorization" tab inside postman. You will also have chosen a type for the authorization.
On the second tab, the Headers tab, you can now see that Postman has added your crendentials from the first tab as an authorization header. The key will be "Authorization" and you can steal the Value from this table. As you can see, this contains both the bearer (for Basic Auth, this will be "Basic") and the token itself.
If you want to send the token in the authorization header, it would look like this:
$headers = array(
'Content-Type:application/json',
'Authorization: Basic abcdefghijklmnop'
);
If you don't want to set the header yourself, you can use
You can set the CURLOPT_USERPWD if you want to use the user and password (example for basicauth):
curl_setopt($curl, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_setopt($process, CURLOPT_USERPWD, "$username:$password");
To set the curloption for username and password.
I gave up after 2 days. I want to get list of all products from magento2 api in browser. First I tried "http://mydomain.con/index.php/rest/V1/products?Authorization=Bearer_TOKENHERE?searchCriteria=" but it didn’t work (still not authenticated). The next thing I’ve tried was to call api with php curl:
<?php
//test for 1 product
//API URL for authentication
$apiURL="http://mydomain.con/index.php/rest/V1/integration/admin/token";
//parameters passing with URL
$data = array("username" => "test", "password" => "123456qwe");
$data_string = json_encode($data);
$ch = curl_init($apiURL);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");
curl_setopt($ch, CURLOPT_POSTFIELDS, $data_string);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, array("Content-Type: application/json","Content-Length: ".strlen($data_string)));
$token = curl_exec($ch);
//decoding generated token and saving it in a variable
$token=json_decode($token);
//******************************************//
//Using above token into header
$headers = array("Authorization: Bearer ".$token);
//API URL to get all Magento 2 modules
$requestUrl='http://mydomain.con/index.php/rest/V1/products/24-MB01';
$ch = curl_init($requestUrl);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$result = curl_exec($ch);
//decoding result
$result=json_decode($result);
//printing result
print_r($requestUrl);
print_r($result);
?>
Unfortunately, this call get me a perfect answer in terminal in php storm (id, name, sku, price, etc in json) but if I want to get answer by browser it shows me Error 404 Request URL not found in server (when file is actually uploaded).
Sounds like a problem somewhere in web server. Check .htaccess in document root and host config in apache.
I was coding a cURL post request to a website login in order to retrieve a token. The script is meant to login remotely, obtain a token via preg_match and then send a GET request to another url using the preg_matched token.
The token comes in the form of a string e.g. ABCDEFGHIJK. In the second GET request, the token is authorized as: Authorization Bearer: ABCDEFGHIJK
However, upon obtaining the token from the first post request and adding in the words Authorization Bearer, the token disappears.
<?php
//Login in Remotely
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'URL');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_POST, 1 );
curl_setopt($ch, CURLOPT_POSTFIELDS, 'POST DATA' );
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/json'));
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); // On dev server only!
$result = curl_exec($ch);
curl_close($ch);
//Parse Token
preg_match('#"phoenixAccessToken":"(.*)","phoenixExpiresIn#',$result,$matches);
echo $matches[1]; //This returns ABCDEFGHIJK
//Write authorization (Token returns a 0 now.)
$authorization = 'Authorization Bearer: ' & $matches[1];
echo $authorization; //This returns a 0
?>
echo $matches[1] returns the token required perfectly fine, but running echo 'Authorization Bearer: ' & $matches[1]; returns a 0 instead of Authorization Bearer: ABCDEFGHIJK.
Why is this so? Is there anyway to fix the variable so it is static?
Thanks!
Use . instead of &.
. just adds it on.
I have built a prototype calendar synching system using the Google calendar API and it works well, except refreshing access tokens. These are the steps I have gone through:
1) Authorised my API and received an authorisation code.
2) Exchanged the authorisation code for Access Token and a RefreshToken.
3) Used the Calendar API until the Access Token expires.
At this point I try to use the Refresh Token to gain another Access Token, so my users don't have to keep granting access because the diary sync happens when they are offline.
Here's the PHP code, I'm using curl requests throughout the system.
$requestURL = "https://accounts.google.com/o/oauth2/token";
$postData = array("grant_type" => "refresh_token",
"client_id" => $clientID,
"client_secret" => $clientSecret,
"refresh_token" => $refreshToken);
$headers[0] = 'Content-Type: application/json';
$ch = curl_init();
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_URL, $requestURL);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode($postData));
$response = curl_exec($ch);
$responseArray = json_decode($response, TRUE);
The response i'm getting is:
[error] => invalid_request
[error_description] => Required parameter is missing: grant_type
No curl errors are reported.
I've tried header content-type: application/x-www-form-urlencoded, and many other things, with the same result.
I suspect it's something obvious in my curl settings or headers as every parameter mentioned in the Google documentation for this request is set. However, I'm going around in circles so would appreciate any help, including pointing out any obvious errors I've overlooked.
your request should not post JSON data but rather query form encoded data, as in:
$requestURL = "https://accounts.google.com/o/oauth2/token";
$postData = "grant_type=refresh_token&client_id=$clientID&client_secret=$clientSecret&refresh_token=$refreshToken";
$headers[0] = 'Content-Type: application/x-www-form-urlencoded';
$ch = curl_init();
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_URL, $requestURL);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $postData);
$response = curl_exec($ch);
$responseArray = json_decode($response, TRUE);
I am new to curl. I'm trying basic authentication using curl with pivotal tracker
error:{"error":"Needs authentication credentials.","possible_fix":"Try basic auth, or include header X-TrackerToken.","code":"unauthenticated","kind":"error".
here is simple code i used to authenticate:
$ch = curl_init();
$data = array('$token'=>'858e234da*****');
// set URL and other appropriate options
curl_setopt($ch, CURLOPT_URL, "https://www.pivotaltracker.com/services/v5/me");
curl_setopt($ch, CURLOPT_HEADER, false);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
// grab URL and pass it to the browser
$response =curl_exec($ch);
var_dump($response);
// close cURL resource, and free up system resources
curl_close($ch);
how to authenticate my application with token as pivotal tracker support simple ouath authentication.
i would like to explain steps of authentication
a.)user enter user name and password.
b.)then enter token of your profile.
c.) now page is redirected your dashboard.
Try basic auth, or include header X-TrackerToken.
Which seems to me is asking you to submit the token as a X-TrackerToken header.
You can try something like this, though I can't find the pivotaltracker documentation.
$ch = curl_init('https://www.pivotaltracker.com/services/v5/me');
// or just remove the customrequest too
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'GET');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
'X-TrackerToken: 858e234da*****'
);
$result = curl_exec($ch);
curl_close($ch);
update
Found the documentation.
It shows something like:
export TOKEN='your Pivotal Tracker API token'
curl -X GET -H "X-TrackerToken: $TOKEN" "https://www.pivotaltracker.com/services/edge/stories/558"