2

Is it possible to make authenticated requests to the OpenProject API using an admin account username and password? I am currently trying Basic Authentication using username and password, but an invalid credentials error is received. Any help would be appreciated! Thanks!

Edit: I tried as mentioned in the answer. This is what I did: changed the configuration.yml file as given:

default:

      rails_cache_store: <%= ENV.fetch('RAILS_CACHE_STORE') { :memcache }.to_sym %>
      session_store: <%= ENV.fetch('SESSION_STORE') { :cache_store }.to_sym %>
      email_delivery_method: <%= ENV.fetch('EMAIL_DELIVERY_METHOD') { :sendmail } %>
      smtp_address: <%= ENV['SMTP_HOST'] %>
      smtp_port: <%= ENV.fetch('SMTP_PORT') { 25 }.to_i %>
      smtp_domain: <%= ENV.fetch('SMTP_DOMAIN') { ENV['HOSTNAME'] } %>
      smtp_authentication: <%= ENV.fetch('SMTP_AUTHENTICATION') { :login }.to_sym %>
      smtp_user_name: <%= ENV['SMTP_USERNAME'] %>
      smtp_password: <%= ENV['SMTP_PASSWORD'] %>
      smtp_enable_starttls_auto: <%= ENV.fetch('SMTP_ENABLE_STARTTLS_AUTO') { "false" } %>
      attachments_storage_path: <%= ENV.fetch('ATTACHMENTS_STORAGE_PATH') { "/var/db/_APP_NAME_/files" } %>
      global_basic_auth:
         user: admin
         password: admin

Then I made a basic auth API call with username and password both admin. But still the authentication didn't work. Should there be any other headers to be included?

Phoenix Dev

1 Answer

3

The statement in the configuration.yml should read:

default:
  ...other configuration params...
  authentication:
    global_basic_auth:
      user: admin
      password: admin

The authentication-key is missing.

Once you have defined credentials in the configuration.yml correctly, which will grant admin privileges, you should be able to issue calls against the API using basic auth, e.g.: curl -u admin:admin http://localhost:3000/api/v3/users. Bear in mind that, using the -u option, curl already transforms the HTTP header value correctly (Authorization: Basic YWRtaW46YWRtaW4= in this example). If you use anything other than curl, please ensure that the client sends the header value with username:password base64 encoded.

Please note that you also have the option to define an API key per user, as described by the documentation. Doing this, you can control the access rights of the user, from granting him admin permissions to only limited permissions inside a specific project.

ulferts
  • I too prefer the first method but I cannot use it since it is account specific and that it can be reset by the user from his/her OP account and I am dealing with dynamic OP accounts using SSO functionality. I think the second method is what I need, I will check it and get back to you. Anyways thanks a lot! – Phoenix Dev Aug 29 '17 at 07:33
  • Hi, I have updated the answer with what I have tried. Please check!! Thanks! – Phoenix Dev Aug 30 '17 at 06:25
  • The authentication key was the issue. Now it's working. Thanks a lot mate! – Phoenix Dev Aug 30 '17 at 09:30
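
The nesting mistake diagnosed in the answer above, together with the header a non-curl client has to build, as an added example that is not part of the original question or answer and is not OpenProject's own code. The helper names (`collect_paths`, `key_paths`, `diagnose`, `basic_auth_header`) and the two trimmed configuration samples are constructed for illustration.

```ruby
require 'yaml'
require 'erb'

# Constructed sample: the question's layout, key directly under default:.
BROKEN = <<~'YML'
  default:
    smtp_port: <%= ENV.fetch('SMTP_PORT') { 25 }.to_i %>
    global_basic_auth:
      user: admin
      password: admin
YML

# Constructed sample: the answer's layout, nested under authentication:.
FIXED = <<~'YML'
  default:
    smtp_port: <%= ENV.fetch('SMTP_PORT') { 25 }.to_i %>
    authentication:
      global_basic_auth:
        user: admin
        password: admin
YML

# Recursively collect the dotted path of every occurrence of +key+.
def collect_paths(node, key, path = [], found = [])
  return found unless node.is_a?(Hash)
  node.each do |k, v|
    here = path + [k.to_s]
    found << here.join('.') if k.to_s == key
    collect_paths(v, key, here, found)
  end
  found
end

# Render ERB first (configuration.yml is an ERB template), then parse the YAML.
def key_paths(text, key)
  collect_paths(YAML.safe_load(ERB.new(text).result), key)
end

# :ok under <env>.authentication, :misplaced if found elsewhere, :missing if absent.
def diagnose(text, env = 'default')
  paths = key_paths(text, 'global_basic_auth')
  return :missing if paths.empty?
  paths.include?("#{env}.authentication.global_basic_auth") ? :ok : :misplaced
end

# Header a non-curl client must send. Base64 is an encoding, not encryption.
def basic_auth_header(user, password)
  'Basic ' + ["#{user}:#{password}"].pack('m0') # m0 = base64 without newlines
end
```

Calling `diagnose(File.read(path))` on a real configuration.yml returns `:misplaced` for the layout shown in the question and `:ok` for the layout shown in the answer.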