API OATH2.0 Client authentication failed

Hello. I’m trying to use new API module. From Connectivity API we have following info

Client Credentials

Token URL :url/admin/api/api/token
Authorization URL :url/admin/api/api/authorize
GraphQL URL :url/admin/api/api/gql
Rest URL :url/admin/api/api/rest
Client ID :8053a9cdec3370652d9673ee71396934be5e95706b24e700d4c0a834c7b53ec1
Allowed Scopes :rest

Please copy your secret as you will not be able to retrieve it later

Client Secret :46cd058cf8be20431eda700a4be2cb93

I’d like to get token to show rest methods.
POSTMAN
POST request
url/admin/api/api/token
BODY
x-www-form-unlencoded
grant_type=authorization_code??? not sure how to get grant type here(password or code)
client_id=8053a9cdec3370652d9673ee71396934be5e95706b24e700d4c0a834c7b53ec1
client_secret=46cd058cf8be20431eda700a4be2cb93

RESPONSE:
{
“error”: “invalid_client”,
“message”: “Client authentication failed”
}

how to correct way or what’s wrong I did to show list of REST methods?

okay. I’ve created Machine to Machine app and used grant_type=client_credentials. For now I’ve get tocken. How can I get list of API methods?
url/admin/api/api/rest
result
Page Not Found

This might help. I am not finding anything directly.

Hello. Do you find there list of rest methods? or how to get methods list? for example I’d like to add extensions via REST API. What’s POST request?

As mentioned before, I didn’t see anything concise in the wiki, unfortanuatly. When clicking around the github I posted earlier I found:

If you have to have FreePBX REST, maybe look around there for answers?

Depending on what you want to do, maybe the Asterisk Rest Interface is an option?

https://wiki.asterisk.org/wiki/display/AST/Asterisk+13+ARI

There are zero rest methods available for freepbx API. There are several graphql methods. Most are read only.

The REST API part of freepbx needs a swagger hook and then code written in modules to support it so it can be easily discovered.

1 Like

… but it’s Open Source, so we, the community, needs to get started hacking the crap out of this. Welcome to the 21st Century! Many hands make …

Spaghetti code?

More obscure bugs?

:slight_smile:

1 Like

It is object oriented
image

1 Like

The docs…

Examples

Libraries used:

I’ve tried follows
GET url/admin/api/api/rest/users
TYPE Bearer token: token

response:

Page Not Found

The page you are looking for could not be found. Check the address bar to ensure your URL is spelled correctly. If all else fails, you can visit our home page at the link below.

All of those, as well as *BSD, EMACS, DNS, and the Internet. You get the good with the bad.

Earlier in this thread I stated

So why would you go and try this?

From experience these are the types of replies that exhaust and frustrate long time community members and make them “pissy” or “mean”.

Please make sure you read all replies to a thread you are participating in because one of the replies might just pertain to you and even answer your question.

Also take into account that I’m not mad or upset. I’m just trying to help you to stop wasting your valuable time on something that doesn’t exist and so it will never work.

1 Like

I believe @cynjut’s point was that it states:

Your PBX supports two API types: Restful and GraphQL .

and

Most, if not all, PBX modules have been written to use GraphQL, however any module can also be extended to use standard Restful calls as well

So while there are no existing RESTful methods in the API as it stands, it can be extended to do so and there is nothing in the documents I see so far that covers how to do such extensions to the API for RESTful calls.

To me this means people will look at see that it supports RESTful but only to discover that when they go to use it, no RESTful methods are configured to be used and there is nothing to show how to do such methods.

This then all goes back to the question of “How does one configure the supported RESTful method to use it?”.

1 Like

The spaghetti code / obscure bug comments were a joke. Indicated by :slight_smile: afterward, even!

Digging down into the docs that @jfinstrom linked… https://wiki.freepbx.org/display/FOP/RESTful describes how to write a RESTful method.

1 Like

I’ve already tried that way. Unfortunately have error
{
“status”: false,
“message”: “unauthorized”
}

GET url
url/admin/api/api/rest/framework/version
token was received, but something strange with scopes
select scopes from api_access_tokens where token = ‘token’;
±-------+
| scopes |
±-------+
| [] |
although

select name, grant_type, allowed_scopes from api_applications\G;
name: MTM
grant_type: client_credentials
allowed_scopes: rest

So access token skopes is empty. Is it can be cause of auth problem?

You have to request scopes from the client side for them to show up in “api_access_tokens”. You’ve requested zero scopes from your client, therefore you get “unauthorized”.

“scope (optional)”

I suggest you do some reading on how OAuth 2.0 works. After looking over the code there are two rest methods: framework version and core user information (basically half of an extension).

What do you want to do with those? Do you intend to build more rest calls into FreePBX? or are you looking for something that perhaps doesn’t exist?

Thank you. Finally I’ve got first response from REST FreePBX API with version. My main idea is avoid communicate with FreePBX directly.First step I’d like to add extensions and trunks via Rest API. For now as I’ve already understood there are no methods that allow add trunks and extensions, but I can write them by myself using internal FreePBX methods. Like getVersion(). etc. And that methods I can find from sources. Am I right?

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.