URL link to a Device on the map
I see the share device feature which creates a url like
http://traccar.ws:8082?token=Rz...
but what I need to do is generate the token programatically from outside the Traccar Server app.
Is this possible?
Thanks,
kev
It should be possible to generate a token programatically. Web app uses the same API.
Anton, is there any further info to generate the token specific to loading the Device in the app?
The information about Access Token on https://www.traccar.org/traccar-api/ is somewhat brief and uninformative. I have tried to send the get request from Postman to http://traccar.ws:8082/api/session?token=USER_TOKEN, using the bearer header as per other working requests, but get a 400 Bad Request response and the following;
-75 - NegativeArraySizeException (CryptoManager:72 < TokenManager:77 < LoginService:81 < SessionResource:81 < ...)
I have scoured the resources and cannot find any reference to creating the token that links directly to the device as per the share device example.
Thanks,
Kev
It seems like the token is invalid.
I use the same token generated in the servers Settings->Preferences->Token option and it works fine as a Bearer token in the numerous API calls I make to create and edit Groups, Users and Devices.
When I replace the string "USER_TOKEN" with this token the API call works, but delivers back the exact same JSON as when I do a GET request to /session with the Bearer Authorisation. What is the point of this?
When you say "Web app uses the same API." What is the syntax of this API call? I cannot see any reference in the API documentation for /session to specify a device, nor anything in /devices to generate a token.
I am no closer to generating a Token to use for a URL link to an individual device...
The easiest option is to open the official web app, share a device and look at what API call the app is making.
How do you look at what API call is being made by the server app?
Browser console.
I see in the console?
const v = fn(a).toISOString()
, $ = await fetch("/api/devices/share", {
method: "POST",
body: new URLSearchParams(`deviceId=${n}&expiration=${v}`)
});
Using my Bearer auth, I was successfully able to retrieve a token by POSTing to /api/devices/share with the deviceId and expiration (full ISO) as fields within the body.
Is there any reason why the devices/share stub is not in the API documentation?
Would it not me more consistent with the rest of the API to have the deviceId and expiration delivered as a JSON bundle?
Are there other API functions that are undocumented?
Thanks,
Kev
Anton,
I am on top of this now and have it working from my PHP based Out of Hours notification app.
However I did discover a couple of things with relation to ISO format date/times.
Firstly, I notice that in the tc_positions table servertime,devicetime and fixtime are all UTC and usually withing a second or two of each other, despite my server being set to UTC+13. Is this normal?
Also, when making API calls such as /devices/share the only format accepted is that of YYYY-MM-DDT00:00:00Z not another valid ISO format such as YYYY-MM-DDT00:00:00+13:00 or YYYY-MM-DDT00:00:00+00:00 as generated by various PHP date formatting functions. Is it that all Dates in Traccar are fixed too UTC?
Thanks,
Kev
It is normal that device and server times are slightly different.
I believe any valid ISO format should be accepted. What is the error you get?
When I use $expiry = date("c", strtotime(date("Y-m-d h:i:s")." +2 days")); the date is sent as 2025-06-19T01:32:57+00:00
and I get the following response;
Text '2025-06-19T01:32:57 00:00' could not be parsed at index 19 - DateTimeParseException (... < DateUtil:63 < DateParameterConverterProvider:32 < *:28 < ... < OverrideFilter:49 < ...)
When I modify the date with $expiry = str_replace("+00:00","Z",date("c", strtotime(date("Y-m-d h:i:sa")." +2 days")));
The date is sent as 2025-06-24T01:34:32Z and I get the Token returned correctly.
I am wondering if the "+" is being filtered out thinking it is part of an encoded URL?
Anyway, I cannot use local time iso strings such as 2025-06-24T01:34:32+13:00
Kev
Plus is obviously the URL encoding. Even your format string doesn't have a plus and just has a space. So you're simply sending invalid ISO format.
I have an external PHP process that runs every 5 mins between 6pm and 6am to detect out of hours activities on specific devices. Basically I look for ignitionOn and ignitionOff events and extract the distance travelled from the attributes to determine if it an event to report by email.
The email has a google maps link but I would prefer if there was a link that could take the customer into the server app selecting the particular device so it could be viewed in real time.
Is this at all possible or something that could be done in a future release?
Thanks,
kev