hey,sorry for simple questions to all API gurus 😉I just started using cUrl for getting API data, somehow after working years as Admin and Dev never has been needed...Being said, I want to understand how I as Admin can make a simple cUrl call to get for example all data for one user with a specific user ID.I see all the sample under Dev docs,but still having a situation or THE situation to code a cUrl call.Questions:- do I need a session-key to Get call?- how to get a session-key?- can I use instead of session-key another authentication method or none because I'm an Admin and signed in at the moment of the call?for example to get all badges from a user:curl -X GET \ 'https://[COMMUNITY-DOMAIN]/api/2.0/users/13/badges/' \ -H 'Authorization: Bearer [TOKEN]' \ -H 'client-id: [CLIENT-ID]'I got: client-id, but is Bearer [TOKEN]?another example, for this one, how to code a curl call?select id, name, node.id, role_status from roles where users.id = '17'Trying to see the logic and understand how to make a call.

Another approach is to use an Khoros Endpoint.You can use POSTMAN to issue a http request with a "API-TOKEN" header to poke this endpoint.In the endpoint, you can check this API-TOKEN. Then if API-TOKEN check is correct, then you can write a restadmin call to get whatever data you need. Also you can use http.client object to do a CURL out to 3rd party system.This method does not require a user to be created.

Hi irach15 - do I need a session-key to Get call? You don't need to use a session key for authentication, but you do need to use some form of API authentication. When I'm making test calls, I find it easiest to use session key auth. To use OAuth, you'll need extended backend systems. - how to get a session-key? We walk through how to retrieve a session key in Session Key authentication. Here is an example from the guide: curl --location --request \ POST' https://[COMMUNITY DOMAIN]/restapi/vc/authentication/sessions/login' \ --form 'user.login=[USER NAME]' \ --form 'user.password=[PASSWORD]' We've got some example GET cURL calls that include LiQL queries in The Community API v2 request. You'll need to URL encode the query, as shown here. curl -L -X GET \ 'httpS://[COMMUNITY DOMAIN]/api/2.0/search?q=SELECT%20count(*)%20FROM%20messages%20WHERE%20author.login%20%3D%20%27docadmin%27' \ -H 'li-api-session-key: [SESSION KEY]' - how to code a curl call? select id, name, node.id, role_status from roles where users.id = '17' Here is what I used locally to test out your query:Get a session key curl -X POST https://my.qa.lithium.com/restapi/vc/authentication/sessions/login -H 'content-type: application/x-www-form-urlencoded' -d 'user.login=admin&user.password=mypassword' This returned a session key.Then I used an online URL encoder for the LiQL statement select%20id%2C%20name%2C%20node.id%2C%20role_status%20from%20roles%20where%20users.id%20%3D%20%2717%27 Then I built my GET request in cURL like this curl -L -X GET \ 'https://my.qa.lithium.com/api/2.0/search?q=select%20id%2C%20name%2C%20node.id%2C%20role_status%20from%20roles%20where%20users.id%20%3D%20%2717%27' \ -H 'li-api-session-key: x5WMj36WEL9cvM7K1oUNLCnXXbRJQXwMbCI3PDhYO98.' I got a successful response { "status":"success", "message":"", "http_code":200, "data":{ "type":"roles", "list_item_type":"role", "size":10, "items":[ { "type":"role", "id":"t:Administrator", "name":"Administrator", "role_status":"active", "node":{ "type":"node", "id":"community:Hawley2Community" } }, { "type":"role", "id":"t:BlogAuthor", "name":"BlogAuthor", "role_status":"active", "node":{ "type":"node", "id":"community:Hawley2Community" } }, { "type":"role", "id":"t:CIC", "name":"CIC", "role_status":"active", "node":{ "type":"node", "id":"community:Hawley2Community" } }, { "type":"role", "id":"t:CategoryExpert", "name":"CategoryExpert", "role_status":"active", "node":{ "type":"node", "id":"community:Hawley2Community" } }, { "type":"role", "id":"t:Lithium", "name":"Lithium", "role_status":"active", "node":{ "type":"node", "id":"community:Hawley2Community" } }, { "type":"role", "id":"b:BlogPremodSpam:BlogAuthor", "name":"BlogAuthor", "role_status":"active", "node":{ "type":"node", "id":"board:BlogPremodSpam" } }, { "type":"role", "id":"b:BlogPremodSpam:BlogModerator", "name":"BlogModerator", "role_status":"active", "node":{ "type":"node", "id":"board:BlogPremodSpam" } }, { "type":"role", "id":"c:suzieSandbox:CategoryExpert", "name":"CategoryExpert", "role_status":"active", "node":{ "type":"node", "id":"category:suzieSandbox" } }, { "type":"role", "id":"b:suziesBlog:BlogAuthor", "name":"BlogAuthor", "role_status":"active", "node":{ "type":"node", "id":"board:suziesBlog" } }, { "type":"role", "id":"b:suziesBlog:BlogModerator", "name":"BlogModerator", "role_status":"active", "node":{ "type":"node", "id":"board:suziesBlog" } } ] }, "metadata":{ } } I hope this helps.

SuzieH I saw those samplesthe question is where or how I can get SSO-token? I'm the Admin, I need to run cUrl as myself. How to find it?Update: after digging in to Dev docs, found this article:https://community.khoros.com/t5/Support-Information/How-can-I-find-my-own-Lithium-SSO-cookie-token/ta-p/35914Trying it...

(I started writing this reply before Stan's response, but forgot to submit. Hopefully still useful).I also struggled with this a lot when playing around w/ API.I ended up:(1) creating a NON-SSO user via the admin console (Users > Permissions > Create User) & granting them API permissions(2) Using Postman to handle the session keys. Unfortunately I don't remember the details of how I did this, but once it was set up it was nice and easy to make calls. Check out https://www.postman.com/ Cheers!

Hi irach15 -I am far far FAR from an expert on this, but here is what I did. (1) Call /authentication/sessions/login to get a session key: (2) Once you get that session key, save it in the Headers for your next request:Hope that helps!

cUrl call to get data

20 Replies

CarolineS
Boss
5 years ago
(I started writing this reply before Stan's response, but forgot to submit. Hopefully still useful).
I also struggled with this a lot when playing around w/ API.
I ended up:
(1) creating a NON-SSO user via the admin console (Users > Permissions > Create User) & granting them API permissions
(2) Using Postman to handle the session keys. Unfortunately I don't remember the details of how I did this, but once it was set up it was nice and easy to make calls. Check out https://www.postman.com/
Cheers!
TedV
Khoros Alumni (Retired)
5 years ago
Hi irach15 ,

If any of the comments answered your question, would you mind marking it as an Accepted Solution?

Thanks!
irach15
Maven
5 years ago
TedV & SuzieH
updates:
I've tried as recommended.
- created non-SSO account
- granted Admin role
tried to get a session key from Suzie's example, no luck
<response status="error"> <error code="302"> <message> User authentication failed. </message> </error> </response> curl: (6) Could not resolve host: application 'user.password' is not recognized as an internal or external command, operable program or batch file.
Note: I'm on Windows 10. cUrl installed by default and it's running.
Any advice on this?
I've read lots of docs on cUrl...
irach15
Maven
5 years ago
CarolineS
tried
- non-SSO user created
- signed on to Postman
- run Post request with user name & psw
- no luck
<response status="error"> <error code="302"> <message> User authentication failed. </message> </error> </response>
CarolineS
Boss
5 years ago
Hi irach15 -
I am far far FAR from an expert on this, but here is what I did.
(1) Call /authentication/sessions/login to get a session key:
(2) Once you get that session key, save it in the Headers for your next request:
Hope that helps!
irach15
Maven
5 years ago
CarolineS
aha... I see your url is different than provided in all Khoros docs...
I'll try.
Can you pz past the Post url here?
also, what is Authorization in Postman, basic?
Postman settings will help a lot to 🙂
thanks.
CarolineS
Boss
5 years ago
I followed the instructions for Session Key authentication, here: https://developer.khoros.com/khoroscommunitydevdocs/docs/session-key
Per that documentation, the URL for authentication is: https://[COMMUNITY-DOMAIN]/restapi/vc/authentication/sessions/login (w/ parameters user.login and user.password)
I didn't change the Postman settings from the default settings at all - I see that the Authorization settings are set to: Type: 0Auth 1.0 and Signature Method: HMAC-SHA1 - again, pretty sure that was just what the defaults were.
Hope this helps! This is pretty much the extent of my knowledge on this so hopefully someone else will have answers if you have further questions!
Cheers!
peterlu
Champion
5 years ago
Another approach is to use an Khoros Endpoint.
You can use POSTMAN to issue a http request with a "API-TOKEN" header to poke this endpoint.
In the endpoint, you can check this API-TOKEN. Then if API-TOKEN check is correct, then you can write a restadmin call to get whatever data you need. Also you can use http.client object to do a CURL out to 3rd party system.
This method does not require a user to be created.
irach15
Maven
5 years ago
peterlu
and I need to code an endpoint for the call?
why is it so complicated? it should be just easy call to check and get the data...
any sample for endpoint call appreciated
thanks

peterlu

Champion

5 years ago

irach15 Here is some coding example. Being a developer is not fun 🙂 I can share your pain.

<#compress>
<#assign header_names = http.request.headerNames />
<#assign token_from_request = "" />
<#if header_names?seq_contains("API-TOKEN")>
  <#assign token_from_request = http.request.getHeader("API-TOKEN") />
</#if>

<#assign token_from_setting = community.settings.name.get("your.community.settings.list.variable", "") />

<#if token_from_request == token_from_setting>
  <#assign query = "........." />
  <#assign items = restadmin("2.0", "/search?q=${query?url}").data.items![] />
  {
    "data": [
      <#list items as item>
        {
        	// some json print out coding
        }
      </#list>
    ]
  }
<#else>
  {"error": "invalid request"}
</#if>
</#compress>

<#compress>
<#assign header_names = http.request.headerNames />
<#assign token_from_request = "" />
<#if header_names?seq_contains("API-TOKEN")>
  <#assign token_from_request = http.request.getHeader("API-TOKEN") />
</#if>

<#assign token_from_setting = community.settings.name.get("your.community.settings.list.variable", "") />

<#if token_from_request == token_from_setting>
  <#-- curl out to 3rd party -->
  <#assign response = http.client.request("some url").header("Content-Type","application/x-www-form-urlencoded").parameter("p1", "v1").parameter("p2", "v2").post()/>
  <#--some error condition checks-->
  <#--success or error JSON print out-->
<#else>
  {"error": "invalid request"}
</#if>
</#compress>

Forum Discussion

cUrl call to get data

20 Replies

Related Content

curl with space

Billable Application Call details

Personal Data Inventory for Khoros Subscription Services

Khoros Customer Data Retention and Destruction Policy

API Call for Retrieving Pre-Moderation Messages

Recent Discussions

How to Contact Roadrunner: Comprehensive Guide

How to fetch all labels associated with TkbArticlePage and count how many times each label is used

In Aurora, add additional <script> and <meta> tags

Setup content filter for arabic language

24.10 API change breaks navigation