Discussion:
API calls and keys
Giri Prasad
2014-09-03 12:10:05 UTC
Permalink
Hello,

I am using a html/php script to read in userid, password and domain id from the user. Using CloudStackClient.php, I am able to call most of the api's, like list vm's, and the output seems correct.

And I want to use some API's via <a href ....> like:

http://XXX.XXX.XXX.5:8080/client/api?command=startVirtualMachine&id=aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee
http://XXX.XXX.XXX.5:8080/client/api?command=stopVirtualMachine&id=aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee
http://XXX.XXX.XXX.5:8080/client/console?cmd=access&vm=aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee

I need to add dynamically the apikey and signature:

&apiKey=miVr6X7u6bN_sdahOBpjNejPgEsT35eXqjB8CG20YI3yaxXcgpyuaIRmFI_EJTVwZ0nUkkJbPmY3y2bciKwFQ
&signature=Lxx1DM40AjcXU%2FcaiK8RAP0O1hU%3D

since apikey and signature are required, are there, any api's, where I can dynamically, get it from the CS infra, and use the return values, for building the apiKey and signature part of the url.


I need to get the apikey and signature dynamically, for a specific user (userid/passwd), and then use it, for building the url.


Thanks & Regards,
Giri

Without apikeys and signature:
<startvirtualmachineresponse cloud-stack-version="4.1.1"><errorcode>401</errorcode><errortext>unable to verify user credentials and/or request signature</errortext></startvirtualmachineresponse>

console?cmd=access
Access denied. Invalid web session or API key in request
abhisek basu
2014-09-03 15:13:43 UTC
Permalink
You need to generate the signature; sample code us here: http://abhisekbasu.wordpress.com/2013/11/19/how-to-generate-signature-for-cloudstack-api/

You may also consider using login api in your scenario.

Sent from my iPhone
Post by Giri Prasad
Hello,
I am using a html/php script to read in userid, password and domain id from the user. Using CloudStackClient.php, I am able to call most of the api's, like list vm's, and the output seems correct.
http://XXX.XXX.XXX.5:8080/client/api?command=startVirtualMachine&id=aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee
http://XXX.XXX.XXX.5:8080/client/api?command=stopVirtualMachine&id=aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee
http://XXX.XXX.XXX.5:8080/client/console?cmd=access&vm=aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee
&apiKey=miVr6X7u6bN_sdahOBpjNejPgEsT35eXqjB8CG20YI3yaxXcgpyuaIRmFI_EJTVwZ0nUkkJbPmY3y2bciKwFQ
&signature=Lxx1DM40AjcXU%2FcaiK8RAP0O1hU%3D
since apikey and signature are required, are there, any api's, where I can dynamically, get it from the CS infra, and use the return values, for building the apiKey and signature part of the url.
I need to get the apikey and signature dynamically, for a specific user (userid/passwd), and then use it, for building the url.
Thanks & Regards,
Giri
<startvirtualmachineresponse cloud-stack-version="4.1.1"><errorcode>401</errorcode><errortext>unable to verify user credentials and/or request signature</errortext></startvirtualmachineresponse>
console?cmd=access
Access denied. Invalid web session or API key in request
Giri Prasad
2014-09-05 11:47:15 UTC
Permalink
I have implemented a few of the cs api calls via php, like listVirtualMachines, using CloudStackClient. I need to implement the view console via a api call. I saw on some net posting's, the url used:

http://xx.xx.xx.xx:8080/client/console?cmd=access&vm=xxxxxxxxx&signature=XXXXXX or http://xx.xx.xx.xx:8080/client/api?cmd=access&vm=xxxxxxxxx&signature=XXXXXX

http://XXX.XXX.XXX.5:8080/client/console?cmd=access&vm=aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee

The need is to pass the string to the browser, without exposing the (secret key / api key) signature, which will be showed in the browser url, when the user clicks on the link. Or is there any direct cloudstack api which can be called?

Any ideas on this?




________________________________
From: abhisek basu <***@msn.com>
To: "users-***@public.gmane.org" <users-***@public.gmane.org>
Cc: "dev-***@public.gmane.org" <dev-***@public.gmane.org>
Sent: Wednesday, 3 September 2014 8:43 PM
Subject: Re: API calls and keys


You need to generate the signature; sample code us here: http://abhisekbasu.wordpress.com/2013/11/19/how-to-generate-signature-for-cloudstack-api/

You may also consider using login api in your scenario.

Sent from my iPhone
Post by Giri Prasad
Hello,
I am using a html/php script to read in userid, password and domain id from the user. Using CloudStackClient.php, I am able to call most of the api's, like list vm's, and the output seems correct.
http://XXX.XXX.XXX.5:8080/client/api?command=startVirtualMachine&id=aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee
http://XXX.XXX.XXX.5:8080/client/api?command=stopVirtualMachine&id=aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee
http://XXX.XXX.XXX.5:8080/client/console?cmd=access&vm=aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee
&apiKey=miVr6X7u6bN_sdahOBpjNejPgEsT35eXqjB8CG20YI3yaxXcgpyuaIRmFI_EJTVwZ0nUkkJbPmY3y2bciKwFQ
&signature=Lxx1DM40AjcXU%2FcaiK8RAP0O1hU%3D
since apikey and signature are required, are there, any api's, where I can dynamically, get it from the CS infra, and use the return values, for building the apiKey and signature part of the url.
I need to get the apikey and signature dynamically, for a specific user (userid/passwd), and then use it, for building the url.
Thanks & Regards,
Giri
<startvirtualmachineresponse cloud-stack-version="4.1.1"><errorcode>401</errorcode><errortext>unable to verify user credentials and/or request signature</errortext></startvirtualmachineresponse>
console?cmd=access
Access denied. Invalid web session or API key in request
Demetrius Tsitrelis
2014-09-05 20:37:59 UTC
Permalink
What about using POST via AJAX instead of using implied GET in the link?

-----Original Message-----
From: Giri Prasad [mailto:***@yahoo.com.INVALID]
Sent: Friday, September 05, 2014 4:47 AM
To: ***@cloudstack.apache.org; ***@cloudstack.apache.org
Subject: Re: API calls and keys

I have implemented a few of the cs api calls via php, like listVirtualMachines, using CloudStackClient. I need to implement the view console via a api call. I saw on some net posting's, the url used:

http://xx.xx.xx.xx:8080/client/console?cmd=access&vm=xxxxxxxxx&signature=XXXXXX or http://xx.xx.xx.xx:8080/client/api?cmd=access&vm=xxxxxxxxx&signature=XXXXXX

http://XXX.XXX.XXX.5:8080/client/console?cmd=access&vm=aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee

The need is to pass the string to the browser, without exposing the (secret key / api key) signature, which will be showed in the browser url, when the user clicks on the link. Or is there any direct cloudstack api which can be called?

Any ideas on this?




________________________________
From: abhisek basu <***@msn.com>
To: "***@cloudstack.apache.org" <***@cloudstack.apache.org>
Cc: "***@cloudstack.apache.org" <***@cloudstack.apache.org>
Sent: Wednesday, 3 September 2014 8:43 PM
Subject: Re: API calls and keys


You need to generate the signature; sample code us here: http://abhisekbasu.wordpress.com/2013/11/19/how-to-generate-signature-for-cloudstack-api/

You may also consider using login api in your scenario.

Sent from my iPhone
Post by Giri Prasad
Hello,
I am using a html/php script to read in userid, password and domain id from the user. Using CloudStackClient.php, I am able to call most of the api's, like list vm's, and the output seems correct.
http://XXX.XXX.XXX.5:8080/client/api?command=startVirtualMachine&id=aa
aaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee
http://XXX.XXX.XXX.5:8080/client/api?command=stopVirtualMachine&id=aaa
aaaaa-bbbb-cccc-dddd-eeeeeeeeeeee
http://XXX.XXX.XXX.5:8080/client/console?cmd=access&vm=aaaaaaaa-bbbb-c
ccc-dddd-eeeeeeeeeeee
&apiKey=miVr6X7u6bN_sdahOBpjNejPgEsT35eXqjB8CG20YI3yaxXcgpyuaIRmFI_EJT
VwZ0nUkkJbPmY3y2bciKwFQ &signature=Lxx1DM40AjcXU%2FcaiK8RAP0O1hU%3D
since apikey and signature are required, are there, any api's, where I can dynamically, get it from the CS infra, and use the return values, for building the apiKey and signature part of the url.
I need to get the apikey and signature dynamically, for a specific user (userid/passwd), and then use it, for building the url.
Thanks & Regards,
Giri
<startvirtualmachineresponse
cloud-stack-version="4.1.1"><errorcode>401</errorcode><errortext>unabl
e to verify user credentials and/or request
signature</errortext></startvirtualmachineresponse>
console?cmd=access
Access denied. Invalid web session or API key
Giri Prasad
2014-09-06 08:10:08 UTC
Permalink
Thanks for the idea.

Using php, following opens the terminal for the vm:
$link = "<script>window.open(\"$url\")</script>";
echo $link;

Well, popup window, needs to enabled in the browser.



________________________________
From: Demetrius Tsitrelis <Demetrius.Tsitrelis-Sxgqhf6Nn4DQT0dZR+***@public.gmane.org>
To: "users-***@public.gmane.org" <***@cloudstack.apache.org>; 'Giri Prasad' <g_pr23-/***@public.gmane.org>; "***@cloudstack.apache.org" <dev-***@public.gmane.org>
Sent: Saturday, 6 September 2014 2:07 AM
Subject: RE: API calls and keys


What about using POST via AJAX instead of using implied GET in the link?


-----Original Message-----
From: Giri Prasad [mailto:g_pr23-/***@public.gmane.org]
Sent: Friday, September 05, 2014 4:47 AM
To: dev-***@public.gmane.org; ***@cloudstack.apache.org
Subject: Re: API calls and keys

I have implemented a few of the cs api calls via php, like listVirtualMachines, using CloudStackClient. I need to implement the view console via a api call. I saw on some net posting's, the url used:

http://xx.xx.xx.xx:8080/client/console?cmd=access&vm=xxxxxxxxx&signature=XXXXXX or http://xx.xx.xx.xx:8080/client/api?cmd=access&vm=xxxxxxxxx&signature=XXXXXX

http://XXX.XXX.XXX.5:8080/client/console?cmd=access&vm=aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee

The need is to pass the string to the browser, without exposing the (secret key / api key) signature, which will be showed in the browser url, when the user clicks on the link. Or is there any direct cloudstack api which can be called?

Any ideas on this?




________________________________
From: abhisek basu <abhisekbasu-***@public.gmane.org>
To: "users-***@public.gmane.org" <users-***@public.gmane.org>
Cc: "***@cloudstack.apache.org" <dev-***@public.gmane.org>
Sent: Wednesday, 3 September 2014 8:43 PM
Subject: Re: API calls and keys


You need to generate the signature; sample code us here: http://abhisekbasu.wordpress.com/2013/11/19/how-to-generate-signature-for-cloudstack-api/

You may also consider using login api in your scenario.

Sent from my iPhone
Post by Giri Prasad
Hello,
I am using a html/php script to read in userid, password and domain id from the user. Using CloudStackClient.php, I am able to call most of the api's, like list vm's, and the output seems correct.
http://XXX.XXX.XXX.5:8080/client/api?command=startVirtualMachine&id=aa
aaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee
http://XXX.XXX.XXX.5:8080/client/api?command=stopVirtualMachine&id=aaa
aaaaa-bbbb-cccc-dddd-eeeeeeeeeeee
http://XXX.XXX.XXX.5:8080/client/console?cmd=access&vm=aaaaaaaa-bbbb-c
ccc-dddd-eeeeeeeeeeee
&apiKey=miVr6X7u6bN_sdahOBpjNejPgEsT35eXqjB8CG20YI3yaxXcgpyuaIRmFI_EJT
VwZ0nUkkJbPmY3y2bciKwFQ &signature=Lxx1DM40AjcXU%2FcaiK8RAP0O1hU%3D
since apikey and signature are required, are there, any api's, where I can dynamically, get it from the CS infra, and use the return values, for building the apiKey and signature part of the url.
I need to get the apikey and signature dynamically, for a specific user (userid/passwd), and then use it, for building the url.
Thanks & Regards,
Giri
<startvirtualmachineresponse
cloud-stack-version="4.1.1"><errorcode>401</errorcode><errortext>unabl
e to verify user credentials and/or request
signature</errortext></startvirtualmachineresponse>
console?cmd=access
Access denied. Invalid web session or API key in request
Continue reading on narkive:
Loading...