cUrl call to get data

irach15 I think, Stan's suggestion is the way to go. Is there a reason that you need/want to use the SSO token? When I brought up your issues with one of our Services team members, (and asked if you could use a non-sso account for your testing instead) he had this to say:

Lithium/Khoros SSO tokens are single-use. So if it’s already been processed by the UI (i.e. they logged into Community already), then they won’t be able to use it for logging into the API.

Assuming they have access to the encryption key (I sure hope so if they’re trying to login to the API…) they can just use the Khoros SSO library directly to generate a token for API use and then pass that to the API

The main benefit of the sso token approach is for account provisioning and user attribute syncing. But if they don’t need that, non-sso account is the way to go

The only other perk of SSO token that comes to mind, and I’ve see this with a customer or two… if they need to “switch” users via API, as in to perform actions as an end-user. You can only “switch” by login name, and we sometimes have SSO customers with non-unique login names (not good). So with the sso token you can get around that by generating an sso token for the user you want to authenticate as.

I'm admittedly out of my own depth here but saw this and figured I'll throw it out there - Could you not just create a normal user in Khoros (outside of SSO), make them an admin, thus bypassing the need to worry about SSO/the token at all?

Again, I may just be totally misunderstanding all of this, but we have multiple 'service' users who exist outside of SSO which handle integrations between various systems outside of Khoros.

SuzieH 

nope, no luck

I found lots of Khoros cookies (note: had to search for Khoros not Lithium...) but not SSO one.

Still has no idea where and how to get SSO token.

Any help?

Beautiful! Yes, please let me know if this works for you. If so, I'll be sure to add a link to that article from the LithiumSSO token auth dev guide.

SuzieH 

I saw those samples

the question is where or how I can get SSO-token? 

I'm the Admin, I need to run cUrl as myself. How to find it?

Update: after digging in to Dev docs, found this article:

https://community.khoros.com/t5/Support-Information/How-can-I-find-my-own-Lithium-SSO-cookie-token/ta-p/35914

Trying it...

Good to know. I found this example in our LIthiumSSO Token authentication guide.  Do you have an sso authentication token for your user that you could pass like this?

curl -X \
    POST https://[COMMUNITY DOMAIN]/restapi/vc/authentication/sessions/login \
    -H 'content-type: application/x-www-form-urlencoded' \
    -d 'sso.authentication_token': '~aj340iw03riaw3ria9pw3ir09aw3ir90awillzxdvmklzsd'

SuzieH 

okay, I've tried

we have SSO signin and psw

cUrl response on trying to get a session-key

<response status="error">
  <error code="302">
    <message>
      User authentication failed.
    </message>
  </error>
</response>
curl: (6) Could not resolve host: application
'user.password' is not recognized as an internal or external command,
operable program or batch file.

in the user.name field is my user name, in the psw field - my signing psw?

I see that I need 

how to find it?

and how to code it in the cUrl request?

Ooo. That is getting out of my depth 😀

But, I did find some possible examples in this Stack Overflow thread. Perhaps some of our real cURL gurus can jump in.

Thank you very much!

SuzieH 

one more question, how to or is it anyway to save cUrl response in a file format?

and upload or save it in a specific folder?

it would be nice to have step by step guidelines.

Hi irach15 

- do I need a session-key to Get call?

You don't need to use a session key for authentication, but you do need to use some form of API authentication. When I'm making test calls, I find it easiest to use session key auth. To use OAuth, you'll need extended backend systems. 

- how to get a session-key?

We walk through how to retrieve a session key in Session Key authentication.

Here is an example from the guide:

curl --location --request \
    POST' https://[COMMUNITY DOMAIN]/restapi/vc/authentication/sessions/login' \
    --form 'user.login=[USER NAME]' \
    --form 'user.password=[PASSWORD]'

We've got some example GET cURL calls that include LiQL queries in The Community API v2 request. You'll need to URL encode the query, as shown here.

curl -L -X GET \
'httpS://[COMMUNITY DOMAIN]/api/2.0/search?q=SELECT%20count(*)%20FROM%20messages%20WHERE%20author.login%20%3D%20%27docadmin%27' \
-H 'li-api-session-key: [SESSION KEY]'

-  how to code a curl call?

select id, name, node.id, role_status from roles where users.id = '17'

Here is what I used locally to test out your query:

Get a session key

curl -X POST https://my.qa.lithium.com/restapi/vc/authentication/sessions/login -H 'content-type: application/x-www-form-urlencoded' -d 'user.login=admin&user.password=mypassword'

This returned a session key.

Then I used an online URL encoder for the LiQL statement

select%20id%2C%20name%2C%20node.id%2C%20role_status%20from%20roles%20where%20users.id%20%3D%20%2717%27

Then I built my GET request in cURL like this

curl -L -X GET \
'https://my.qa.lithium.com/api/2.0/search?q=select%20id%2C%20name%2C%20node.id%2C%20role_status%20from%20roles%20where%20users.id%20%3D%20%2717%27' \
-H 'li-api-session-key: x5WMj36WEL9cvM7K1oUNLCnXXbRJQXwMbCI3PDhYO98.'

I got a successful response

{
  "status":"success",
  "message":"",
  "http_code":200,
  "data":{
    "type":"roles",
    "list_item_type":"role",
    "size":10,
    "items":[
      {
        "type":"role",
        "id":"t:Administrator",
        "name":"Administrator",
        "role_status":"active",
        "node":{
          "type":"node",
          "id":"community:Hawley2Community"
        }
      },
      {
        "type":"role",
        "id":"t:BlogAuthor",
        "name":"BlogAuthor",
        "role_status":"active",
        "node":{
          "type":"node",
          "id":"community:Hawley2Community"
        }
      },
      {
        "type":"role",
        "id":"t:CIC",
        "name":"CIC",
        "role_status":"active",
        "node":{
          "type":"node",
          "id":"community:Hawley2Community"
        }
      },
      {
        "type":"role",
        "id":"t:CategoryExpert",
        "name":"CategoryExpert",
        "role_status":"active",
        "node":{
          "type":"node",
          "id":"community:Hawley2Community"
        }
      },
      {
        "type":"role",
        "id":"t:Lithium",
        "name":"Lithium",
        "role_status":"active",
        "node":{
          "type":"node",
          "id":"community:Hawley2Community"
        }
      },
      {
        "type":"role",
        "id":"b:BlogPremodSpam:BlogAuthor",
        "name":"BlogAuthor",
        "role_status":"active",
        "node":{
          "type":"node",
          "id":"board:BlogPremodSpam"
        }
      },
      {
        "type":"role",
        "id":"b:BlogPremodSpam:BlogModerator",
        "name":"BlogModerator",
        "role_status":"active",
        "node":{
          "type":"node",
          "id":"board:BlogPremodSpam"
        }
      },
      {
        "type":"role",
        "id":"c:suzieSandbox:CategoryExpert",
        "name":"CategoryExpert",
        "role_status":"active",
        "node":{
          "type":"node",
          "id":"category:suzieSandbox"
        }
      },
      {
        "type":"role",
        "id":"b:suziesBlog:BlogAuthor",
        "name":"BlogAuthor",
        "role_status":"active",
        "node":{
          "type":"node",
          "id":"board:suziesBlog"
        }
      },
      {
        "type":"role",
        "id":"b:suziesBlog:BlogModerator",
        "name":"BlogModerator",
        "role_status":"active",
        "node":{
          "type":"node",
          "id":"board:suziesBlog"
        }
      }
    ]
  },
  "metadata":{
    
  }
}

I hope this helps.