User tokens in v 5.3

jean jose de matos 3 years ago

After upgrading to V5.5, several API features stopped working.
I checked that I should recreate another token in the new UI.
I recreated the token and saved it in my project, which only uses the API.

Now I come across this modification and I don't know how to create a token for registered users via the API.
I already tried the following method.
Error returned: The @FormParam is utilized when the content type of the request entity is not application/x-www-form-urlencoded - IllegalStateException (...)

// WARNING: For POST requests, body is set to null by browsers.

var xhr = new XMLHttpRequest();
xhr.withCredentials = true;

xhr.addEventListener("readystatechange", function() {
  if(this.readyState === 4) {
    console.log(this.responseText);
  }
});

xhr.open("POST", "https://dominio.com.br/api/session/token?userId=2&expiration=2023-12-31T00:00:00.000Z");
// WARNING: Cookies will be stripped away by the browser before sending the request.
xhr.setRequestHeader("Cookie", "JSESSIONID=node06q33f06zuqyc1tpngettdsdwl562.node0");

xhr.send();

Anton Tananaev 3 years ago

Check the API request that the official app is sending.

jean jose de matos 3 years ago

True.
I forgot to check this through the UI by inspecting the network.
I was looking in the Postman collection.

jean jose de matos 3 years ago

But now I see that I don't specify a user.
How do I, as an administrator, create a token for other users?

Anton Tananaev 3 years ago

You need to login as a user first. Remember that admin can login as any user.

Willian Ferreira 3 years ago

Which person can generate a token by sending the request to /api/session/token

With the parameters

expiration = "date time ISO date"

As I understand it, you don't need to be logged in to generate the token?

?

Anton Tananaev 3 years ago

Obviously you have to be logged in.

Willian Ferreira 3 years ago

I managed to perfectly test the API and also connect with the Websocket API.

Now I have a question, how do I delete SESSION from everywhere?

In my test, I delete the session using a Delete Method on the /api/SESSION endpoint obviously as documentation returns nothing.

However, the Websocket API continues to allow you to log in using the deleted session cookie.

How do I delete ALL SYSTEM SESSIONS?

Because from what I noticed, DELETE /api/session is just a kind of LOGOUT

Anton Tananaev 3 years ago

It shouldn't allow to connect after you delete the session.

pki 2 years ago

Hi. So to properly generate a token for a user via API I need to:

  • login as admin
  • use some function to relogin as user?
  • update the token via the /api/session/token for the currently logged in user?

I cannot pass the user id of the user I want to generate the token for?

Anton Tananaev 2 years ago

Correct.

pki 2 years ago

OK, got it working, maybe it helps some in the future.

  1. curl GET to /api/session{userid} with the admin credentials in basic auth.
  2. save the cookie
  3. use the cookie and curl POST to /api/session/token with expiration as data for the post.
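
The three steps above as one shell function, followed by a logout of the impersonated session; this is an added example, not pki's own commands. It assumes the step-1 path is written as `/api/session/<userId>`, that the response body of `/api/session/token` is the token itself, and uses hypothetical environment variable names and a placeholder host.

```bash
#!/usr/bin/env bash
# Added example, not from the thread. Assumptions: step 1 is written here as
# /api/session/<userId>; TRACCAR_ADMIN_USER and TRACCAR_ADMIN_PASS are
# hypothetical variable names; the token endpoint's response body is the token.
# Usage: mint_user_token https://traccar.example 2 2023-12-31T00:00:00.000Z

mint_user_token() (   # subshell body keeps variables and the trap local
  base=$1 user_id=$2 expiration=$3

  # Shape checks before the values are placed in a URL or a form field:
  # the id must be digits only, the expiration an ISO 8601 UTC timestamp.
  case $user_id in ''|*[!0-9]*) echo "bad user id" >&2; exit 2 ;; esac
  case $expiration in
    [0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]T[0-9][0-9]:[0-9][0-9]:[0-9][0-9]*Z) ;;
    *) echo "bad expiration" >&2; exit 2 ;;
  esac

  jar=$(mktemp) || exit 1
  # The jar holds a live session cookie for the target user: remove it on exit.
  trap 'rm -f "$jar"' EXIT

  # Steps 1 and 2: admin basic auth, session switched to the target user,
  # cookie saved. Credentials are fed through stdin (-K -) so they stay out of
  # the process list (assumes no double quote or backslash in the password).
  printf 'user = "%s:%s"\n' "$TRACCAR_ADMIN_USER" "$TRACCAR_ADMIN_PASS" |
    curl -fsS -K - -c "$jar" -o /dev/null "$base/api/session/$user_id" || exit 1

  # Step 3: --data-urlencode sends application/x-www-form-urlencoded, the
  # content type the @FormParam error in the first post complains about.
  rc=0
  token=$(curl -fsS -b "$jar" --data-urlencode "expiration=$expiration" \
            "$base/api/session/token") || rc=$?

  # Log the impersonated session out whether or not step 3 succeeded.
  curl -fsS -b "$jar" -X DELETE -o /dev/null "$base/api/session" || true

  [ "$rc" -eq 0 ] && [ -n "$token" ] || exit 1
  printf '%s\n' "$token"
)
```

The returned token stays valid until its expiration regardless of the session logout, so keep the expiration as short as the integration allows and store the token like a password.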

Ali 2 years ago

Hello. Hope you are doing well.

I am using the REST API of Traccar.
1: Create a session with /api/session (Ok)
2: Create a session token with /api/session/token (Ok)

My first question is that after I create a session by step 1, I get a JSESSIONID in response header. Isn't this token enough for authorization of my requests? Shall I still create a new token by step 2?

My second question and the problem is that when I use token to authenticate my requests I get 500 error.
I use the token as a Bearer token to authenticate my requests. Am I doing it wrong?

headers {
    Authorization: "Bearer node017gfnbvchfuf31i5i829p91yda371.node0"
}

I understand server is using Basic authentication, but don't understand how to use the token to authenticate my requests.

pki 2 years ago

Hi. Wrong, you need to use the token in the URL, see the first post in this thread.

Anton Tananaev 2 years ago

Ali, you're confusing session id with the authorization tokens. Those are entirely different things.