 Rank: Guest Joined: 5/3/2018(UTC) Posts: 7 Location: Milwaukee
|
I know I can get a definition file for the rest api for my instance in the form of: https://[instancename].screenconnect.com/OpenApiDocument.axd (Is there a Swagger like document explaining the details of each function? What permissions are needed to make calls on the functions in this api, such as: https://[instancename].screenconnect.com/Services/PageService.ashx/GetSessionDetails I can make a raw call to this endpoint using something like fiddler/postman: Quote:POST https://[InstanceName].screenconnect.com/Services/PageService.ashx/GetSessionDetails HTTP/1.1 accept: application/JSON; charset=utf-8 content-type: application/json cache-control: no-cache authorization: Basic ************************** user-agent: PostmanRuntime/7.2.0 accept-encoding: gzip, deflate
["GROUPNAME","SESSIONID"] It seems I can only successfully make this call with the "Cloud Administrator" account, no others. I feel like I'm glossing over a permission ssue here, but I don't know where. I don't want to store cloud admin credentials in an application in order to make this work... Any insight is appreciated.
|
|
|
|
 Rank: Administration Medals:  Joined: 3/28/2014(UTC) Posts: 2,862  Thanks: 3 times Was thanked: 351 time(s) in 303 post(s)
|
So I guess the only reliable way to know which permissions are required for each method is to look at the functions themselves. Within the server installation in Services/PageService.ashx, the GetSessionDetails method has Code:
Permissions.AssertPermission(new SessionPermissionRequest { Name = PermissionInfo.ViewSessionGroupPermission, SessionGroupName = sessionGroupName, SessionType = sessionDetails.Session.SessionType }, permissionEntries);
meaning it requires the ViewSessionGroupPermission to return any information. It also requires the ViewSessionGuestScreenshotPermission (found one line above the previous code sample) to correctly return the image data. Just for another example, if you look within the MailService.ashx class at the SendTestEmail method, you can see it also asserts the AdministerPermission. |
ScreenConnect Team |
|
|
|
Forum Jump
You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.