 Rank: Member Medals:  Joined: 2/6/2015(UTC) Posts: 28  Location: Seattle, WA
|
https://docs.connectwise...es/Release_notes_archiveShows for 6.6: "Service methods available through RESTful APIs". Support noted there are no docs for this yet, but is there something barebones to review? I'd love to be able to manage users, user groups, sessions and session groups via a RESTful API!!
|
|
|
|
 Rank: Administration Medals:  Joined: 3/28/2014(UTC) Posts: 2,862  Thanks: 3 times Was thanked: 351 time(s) in 303 post(s)
|
I'm pretty sure we implement OpenAPI so you can pull the whole document by appending OpenApiDocument.axd to your Control instance URL, like: Code:
https://my.server.com:8040/OpenApiDocument.axd
|
ScreenConnect Team |
|
|
|
 Rank: Member Medals:  Joined: 2/6/2015(UTC) Posts: 28  Location: Seattle, WA
|
Originally Posted by: Scott  I'm pretty sure we implement OpenAPI so you can pull the whole document by appending OpenApiDocument.axd to your Control instance URL, like: Code:
https://my.server.com:8040/OpenApiDocument.axd
Thanks! Can't wait for it to be more fleshed out, and have docs! Any idea how to authenticate for API calls? I'm going to try session-based (basically mock a web GUI login) first...
|
|
|
|
 Rank: Administration Medals:  Joined: 3/28/2014(UTC) Posts: 2,862  Thanks: 3 times Was thanked: 351 time(s) in 303 post(s)
|
There are a few ways you can authenticate, the ConnectWise Control web server is just a C# web application and thus we implement authentication via HttpContext.
This means you can just pass Authorization via a Basic method with the username and password.
Another more secure method is to use the ASPXAUTH value stored within the cookie as a header in the request. Within a browser, log into the Host page and open the developer's console. Change to the Network tab and then refresh the page. You should see a request to the method "GetHostSessionInfo", right click on that and say Copy > Copy as cURL (this is for Firefox but I'd imagine chrome is very similar). Within this copied text is a -H "Cookie:.ASPXAUTH=xxx" header, you can take that and add it as a header to your request which should then provide an authenticated response without sending a password everytime. |
ScreenConnect Team |
|
|
|
 Rank: Guest Joined: 5/3/2018(UTC) Posts: 7 Location: Milwaukee
|
Originally Posted by: Scott  There are a few ways you can authenticate, the ConnectWise Control web server is just a C# web application and thus we implement authentication via HttpContext.
This means you can just pass Authorization via a Basic method with the username and password.
Another more secure method is to use the ASPXAUTH value stored within the cookie as a header in the request. Within a browser, log into the Host page and open the developer's console. Change to the Network tab and then refresh the page. You should see a request to the method "GetHostSessionInfo", right click on that and say Copy > Copy as cURL (this is for Firefox but I'd imagine chrome is very similar). Within this copied text is a -H "Cookie:.ASPXAUTH=xxx" header, you can take that and add it as a header to your request which should then provide an authenticated response without sending a password everytime. How long exactly will that value last? Isn't there an expiration on that value?
|
|
|
|
 Rank: Administration Medals:  Joined: 3/28/2014(UTC) Posts: 2,862  Thanks: 3 times Was thanked: 351 time(s) in 303 post(s)
|
Depending upon which Page and/or Service you are hitting, the lifespan is determined by different location-specific settings within the web.config. The exact setting is 'MaxLongestTicketReissueIntervalSeconds' and it should appear in several places depending upon which page/service it refers. |
ScreenConnect Team |
|
|
|
 Rank: Guest Joined: 9/19/2018(UTC) Posts: 2  Location: UK
|
Can I authenticate against the API with 2FA?
|
|
|
|
 Rank: Administration Medals:  Joined: 3/28/2014(UTC) Posts: 2,862  Thanks: 3 times Was thanked: 351 time(s) in 303 post(s)
|
I don't believe that functionality is currently implemented. You could, however, create an Extension to do this. |
ScreenConnect Team |
|
|
|
Forum Jump
You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.