API Authentication

  • 11 Replies
  • 14062 Views

0 Members and 3 Guests are viewing this topic.

*

Offline donalld

  • Newbie
  • *
  • 2
  • 0
Re: API Authentication
« Reply #10 on: March 31, 2023, 09:04:03 PM »
I know this is a rather old topic, but still seems to get views on it.
To access the api, first you need to send the api request to  ..../MagicInfo/restapi/v2.0/auth   with content-type:application/json in the header, and  {"username":"password"} in the body of the the request, using the POST method.
You'll then receive a json response with token, refreshToken, dateFormat ,timeFormat, and scheduleFirstDay.   Parse the response stream and use the value from token in all your subsequent api calls by adding it into the header for your next request under the key named "api_key" with the value being from the previous response "token".  It's kind of confusing that you are renaming what the variable is called between the auth response and subsequent requests .
I just ran the example through fiddler:

REQUEST

POST https://myserver/MagicInfo/restapi/v2.0/auth HTTP/1.1
User-Agent:Fiddler Everywhere
Content-Type:application/json
Host:ss.10net.net:7002
Content-Length:52

{"username":"jknowles","password":"signageisfun"}

Response:

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'  blob:; img-src 'self' data:;worker-src blob:;
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, DELETE
Access-Control-Max-Age: 3600
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, api_key
X-Frame-Options: SAMEORIGIN
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Date: Thu, 24 Nov 2022 09:55:52 GMT

70e
{"token":"xxxxxxxxxxxxxxxxxxxxxxxxxxxxx","refreshToken":"yyyyyyyyyyyyyyyyy","dateFormat":"yyyy-MM-dd","timeFormat":"24hour","scheduleFirstDay":"0"}
0

I then use the token in my request for list of devices

Request:
GET https://myserver/MagicInfo/restapi/v2.0/rms/devices?pageSize=15&startIndex=1 HTTP/1.1
Content-Type: application/json
api_key: xxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Host: myserver

Response:

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'  blob:; img-src 'self' data:;worker-src blob:;
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, DELETE
Access-Control-Max-Age: 3600
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, api_key
X-Frame-Options: SAMEORIGIN
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Date: Thu, 24 Nov 2022 10:35:43 GMT

2000
{"apiVersion":"2.0","status":"Success","items":[{"deviceName":"WP-320-Middle","deviceId":"f0-70-4f-0f-2e-2c","deviceType":"SPLAYER","deviceTypeVersion":7.0,"power":true,"groupNam

  etc. etc


Hope this helps!!1

I just registered here just to thank you a lot for this! saved my day

*

Offline ctoart

  • Newbie
  • *
  • 1
  • 0
Re: API Authentication
« Reply #11 on: May 04, 2023, 05:56:35 PM »
I know this is a rather old topic, but still seems to get views on it.

Thank you!
Where do I find the endpoints and a documentation?
II want to know if there is a way to know with API what video/file is playing

Tks!