logo

The ConnectWise Control forum has moved to ConnectWise University! This forum has been locked and is in read-only mode. Click here for instructions on how to access the new forum.

Welcome Guest! You can not login or register.

Notification

Icon
Error
RESTful API in 6.6?
Options
Go to last post Go to first unread
Previous Topic Next Topic
obrienmd  
#1 Posted : Monday, May 14, 2018 5:01:55 PM(UTC)
obrienmd


Rank: Member

Medals: ScreenConnect Advisor: Focus Group Member

Joined: 2/6/2015(UTC)
Posts: 28
United States
Location: Seattle, WA
https://docs.connectwise...es/Release_notes_archive

Shows for 6.6:
"Service methods available through RESTful APIs".

Support noted there are no docs for this yet, but is there something barebones to review? I'd love to be able to manage users, user groups, sessions and session groups via a RESTful API!!
Back to top
WWW

Back to top  
Scott  
#2 Posted : Thursday, May 17, 2018 5:15:33 PM(UTC)
Scott


Rank: Administration

Medals: Level 4: Wise Old Owl! Received 100 Thanks!

Joined: 3/28/2014(UTC)
Posts: 2,862
United States

Thanks: 3 times
Was thanked: 351 time(s) in 303 post(s)
I'm pretty sure we implement OpenAPI so you can pull the whole document by appending OpenApiDocument.axd to your Control instance URL, like:
Code:

https://my.server.com:8040/OpenApiDocument.axd
ScreenConnect Team
Back to top
obrienmd  
#3 Posted : Tuesday, May 29, 2018 5:46:24 PM(UTC)
obrienmd


Rank: Member

Medals: ScreenConnect Advisor: Focus Group Member

Joined: 2/6/2015(UTC)
Posts: 28
United States
Location: Seattle, WA
Originally Posted by: Scott Go to Quoted Post
I'm pretty sure we implement OpenAPI so you can pull the whole document by appending OpenApiDocument.axd to your Control instance URL, like:
Code:

https://my.server.com:8040/OpenApiDocument.axd


Thanks! Can't wait for it to be more fleshed out, and have docs!

Any idea how to authenticate for API calls? I'm going to try session-based (basically mock a web GUI login) first...
Back to top
WWW
Scott  
#4 Posted : Thursday, June 7, 2018 12:37:45 PM(UTC)
Scott


Rank: Administration

Medals: Level 4: Wise Old Owl! Received 100 Thanks!

Joined: 3/28/2014(UTC)
Posts: 2,862
United States

Thanks: 3 times
Was thanked: 351 time(s) in 303 post(s)
There are a few ways you can authenticate, the ConnectWise Control web server is just a C# web application and thus we implement authentication via HttpContext.

This means you can just pass Authorization via a Basic method with the username and password.

Another more secure method is to use the ASPXAUTH value stored within the cookie as a header in the request. Within a browser, log into the Host page and open the developer's console. Change to the Network tab and then refresh the page. You should see a request to the method "GetHostSessionInfo", right click on that and say Copy > Copy as cURL (this is for Firefox but I'd imagine chrome is very similar). Within this copied text is a -H "Cookie:.ASPXAUTH=xxx" header, you can take that and add it as a header to your request which should then provide an authenticated response without sending a password everytime.
ScreenConnect Team
Back to top
DCIArtformDev  
#5 Posted : Wednesday, September 12, 2018 9:51:08 PM(UTC)
DCIArtformDev


Rank: Guest

Joined: 5/3/2018(UTC)
Posts: 7
Location: Milwaukee
Originally Posted by: Scott Go to Quoted Post
There are a few ways you can authenticate, the ConnectWise Control web server is just a C# web application and thus we implement authentication via HttpContext.

This means you can just pass Authorization via a Basic method with the username and password.

Another more secure method is to use the ASPXAUTH value stored within the cookie as a header in the request. Within a browser, log into the Host page and open the developer's console. Change to the Network tab and then refresh the page. You should see a request to the method "GetHostSessionInfo", right click on that and say Copy > Copy as cURL (this is for Firefox but I'd imagine chrome is very similar). Within this copied text is a -H "Cookie:.ASPXAUTH=xxx" header, you can take that and add it as a header to your request which should then provide an authenticated response without sending a password everytime.


How long exactly will that value last? Isn't there an expiration on that value?
Back to top
Scott  
#6 Posted : Wednesday, October 3, 2018 1:52:08 PM(UTC)
Scott


Rank: Administration

Medals: Level 4: Wise Old Owl! Received 100 Thanks!

Joined: 3/28/2014(UTC)
Posts: 2,862
United States

Thanks: 3 times
Was thanked: 351 time(s) in 303 post(s)
Depending upon which Page and/or Service you are hitting, the lifespan is determined by different location-specific settings within the web.config. The exact setting is 'MaxLongestTicketReissueIntervalSeconds' and it should appear in several places depending upon which page/service it refers.
ScreenConnect Team
Back to top
Gavsto  
#7 Posted : Wednesday, January 30, 2019 9:34:38 AM(UTC)
Gavsto


Rank: Guest

Joined: 9/19/2018(UTC)
Posts: 2
United Kingdom
Location: UK
Can I authenticate against the API with 2FA?
Back to top
WWW
Scott  
#8 Posted : Wednesday, February 20, 2019 3:29:44 PM(UTC)
Scott


Rank: Administration

Medals: Level 4: Wise Old Owl! Received 100 Thanks!

Joined: 3/28/2014(UTC)
Posts: 2,862
United States

Thanks: 3 times
Was thanked: 351 time(s) in 303 post(s)
I don't believe that functionality is currently implemented. You could, however, create an Extension to do this.
ScreenConnect Team
Back to top
Users browsing this topic
Forum Jump  
You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.

Powered by YAF.NET | YAF.NET © 2003-2020, Yet Another Forum.NET