I know this is a rather old topic, but still seems to get views on it.
To access the api, first you need to send the api request to ..../MagicInfo/restapi/v2.0/auth with content-type:application/json in the header, and {"username":"password"} in the body of the the request, using the POST method.
You'll then receive a json response with token, refreshToken, dateFormat ,timeFormat, and scheduleFirstDay. Parse the response stream and use the value from token in all your subsequent api calls by adding it into the header for your next request under the key named "api_key" with the value being from the previous response "token". It's kind of confusing that you are renaming what the variable is called between the auth response and subsequent requests .
I just ran the example through fiddler:
REQUEST
POST https://myserver/MagicInfo/restapi/v2.0/auth HTTP/1.1
User-Agent:Fiddler Everywhere
Content-Type:application/json
Host:ss.10net.net:7002
Content-Length:52
{"username":"jknowles","password":"signageisfun"}
Response:
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob:; img-src 'self' data:;worker-src blob:;
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, DELETE
Access-Control-Max-Age: 3600
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, api_key
X-Frame-Options: SAMEORIGIN
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Date: Thu, 24 Nov 2022 09:55:52 GMT
70e
{"token":"xxxxxxxxxxxxxxxxxxxxxxxxxxxxx","refreshToken":"yyyyyyyyyyyyyyyyy","dateFormat":"yyyy-MM-dd","timeFormat":"24hour","scheduleFirstDay":"0"}
0
I then use the token in my request for list of devices
Request:
GET https://myserver/MagicInfo/restapi/v2.0/rms/devices?pageSize=15&startIndex=1 HTTP/1.1
Content-Type: application/json
api_key: xxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Host: myserver
Response:
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob:; img-src 'self' data:;worker-src blob:;
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, DELETE
Access-Control-Max-Age: 3600
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, api_key
X-Frame-Options: SAMEORIGIN
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Date: Thu, 24 Nov 2022 10:35:43 GMT
2000
{"apiVersion":"2.0","status":"Success","items":[{"deviceName":"WP-320-Middle","deviceId":"f0-70-4f-0f-2e-2c","deviceType":"SPLAYER","deviceTypeVersion":7.0,"power":true,"groupNam
etc. etc
Hope this helps!!1