cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
10757
Views
1
Helpful
12
Replies

What values for Auth URL

MARK DAUSCHER
Level 1
Level 1

Hello,

I'm very new to working with API's so apologies in advance.

I'm using Postman for testing the EoX API and others.  I'm using Get New Access Token to request a token using Grant Type: Authorization Code. I have my application registered on the Cisco API Console and have a Client ID and Client Secret ID. The Cisco OAuth v2.0 Token Developer Guide is a bit confusing (to me) as to which URL's to use for Auth URL and Access Token URL. 

Can anyone help clarify this for me?

Much appreciated.

Regards,

Mark

1 Accepted Solution

Accepted Solutions

kcolberg
Cisco Employee
Cisco Employee

Hi Mark,

I am not quite sure how Postman would work using the Auth Code grant type - I never tried to make that work. Auth Code requires a web page (the "Redirection-URL" you entered when you created the app and selected Auth Code) that the token server will redirect the request to once the token is generated. I really don't know how that would play with Postman. Perhaps other experts might chime in.

I typically use the grant type of client credentials when working in Postman. If you are new to API development, client cred is probably the easiest place to start with since it's a two-legged authentication process and is relatively simple. Once you get it working and can use the resulting token to make calls to the APIs, you can then experiment with the other grant types.

But you asked specifically about auth code and the URLs it needs, which really has nothing to do with Postman, so... Your first call is a GET to https://cloudsso.cisco.com/as/authorization.oauth2?response_type=code&client_id=<your client id>.

Once the user logs in, the code that is generated is used in a POST to https://cloudsso.cisco.com/as/token.oauth2 using the code, your client id and client secret. That request would look something like the curl call:

curl -s -k -H "Content-Type: application/x-www-form-urlencoded" -X POST

-d "client_id=<your client id>"

-d "client_secret=<your client sercret>"

-d "code=<the generated code from the previous call>"

-d "redirect_uri=<your redirection url>"

-d "grant_type=authorization_code" https://cloudsso.cisco.com/as/token.oauth2

That should generate the token, which you can then use to make calls to the EOX API.

HTH,

Keith

View solution in original post

12 Replies 12

kcolberg
Cisco Employee
Cisco Employee

Hi Mark,

I am not quite sure how Postman would work using the Auth Code grant type - I never tried to make that work. Auth Code requires a web page (the "Redirection-URL" you entered when you created the app and selected Auth Code) that the token server will redirect the request to once the token is generated. I really don't know how that would play with Postman. Perhaps other experts might chime in.

I typically use the grant type of client credentials when working in Postman. If you are new to API development, client cred is probably the easiest place to start with since it's a two-legged authentication process and is relatively simple. Once you get it working and can use the resulting token to make calls to the APIs, you can then experiment with the other grant types.

But you asked specifically about auth code and the URLs it needs, which really has nothing to do with Postman, so... Your first call is a GET to https://cloudsso.cisco.com/as/authorization.oauth2?response_type=code&client_id=<your client id>.

Once the user logs in, the code that is generated is used in a POST to https://cloudsso.cisco.com/as/token.oauth2 using the code, your client id and client secret. That request would look something like the curl call:

curl -s -k -H "Content-Type: application/x-www-form-urlencoded" -X POST

-d "client_id=<your client id>"

-d "client_secret=<your client sercret>"

-d "code=<the generated code from the previous call>"

-d "redirect_uri=<your redirection url>"

-d "grant_type=authorization_code" https://cloudsso.cisco.com/as/token.oauth2

That should generate the token, which you can then use to make calls to the EOX API.

HTH,

Keith

Hi Keith,

That helped a lot!  I got the Auth Code grant type working using Postman. See below

    Using Postman to request EoX information for a Serial Number using Grant type Authorization Code

  1. Start Chrome and open Postman
  2. Enter the information as shown below for a request to retrieve EoX info for a given serial number into the appropriate Postman fields:
    • Method - Select GET in the Method drop down
    • URL -Enter https://api.cisco.com/supporttools/eox/rest/5/EOXBySerialNumber/1/<serial-number>
    • Authorization – Select Authorization
      • Type: Select OAuth 2.0 from the drop down
      • Click Get Net Access Token
      • Click Request Token
      • Login (if prompted)
      • Click Allow
    • Existing Tokens - Your token name will show up in the list of existing tokens. Select it see the contents
    • Add token to – Select Header and click Use Token
  3. Click Send.
  4. Postman will send the request to the server, and the display the response.
    • You can see the Response Code that is returned displayed here as '200' and is shown in the Status field.
    • You can see the JSON response data that contains the EOX Record.

Any new updates to this process.  The links on the API pages are missing or not well documented.  I am very new to the OAuth process.  I am following the recommendations seen here to use Postman and Client Credentials with no luck at all. 


Thanks!

Hi,

I am not sure what updates you might be looking for. Mark did a nice job outlining the process for using Auth Code with Postman. But you specifically mention client credentials, which should work in Postman without much special setup - just a call to cloudsso to generate the token and than a call to the API gateway with that token to API itself.

So what issue are you facing? Are you generating a token that doesn't work when calling the API? Are you having problems generating the token?

Regards,

Keith

I am getting a json 0 error in postman. I have not been able to get from the clientID to the key. I feel pretty good about the process once I get the key. The key process appears to be far more complicated than I would expect.

Thanks

Get Outlook for iOS<https://aka.ms/o0ukef>

Perhaps you could start at the beginning - which API are you trying to use? Do you see it in the My APIs section of the API Console (https://apiconsole.cisco.com/apps/myapis)? Have you registered an app for the API, thus getting a client ID and secret for the API? What request are you making in Postman that is giving you the error (and what is the HTTP status)?

https://apiconsole.cisco.com/documentation outlines the steps to register an application, make the call to get the token, and make the call to API itself.

What's missing is how to get the API into your My APIs list. That's dependent on the API. For the Support APIs, you must be an SNTC customer or a PSS partner and have gone through their associated on-boarding process (found at the top of https://developer.cisco.com/site/support-apis/).

Regards,

Keith

Starting from scratch.  I have the below API setup started.

I am not able to use postman to turn the Client ID and secret into a key.  I receive a JSON 0 error. I then moved on to a Python example.  I am able to get that example to generate the key however the code appears to require 3.x to use the key and that version will not generate the key.  That detail is from this post -- PSIRT - openVuln API Authorization Error.

In Python 3.x I am getting a SSL handshake error that appears in a lot of discussion boards but I have yet to find an answer.

In Python 2.x Request is not valid.

What I am looking to accomplish is this:

I would love to test this in Postman but Python would be fine as well since I hope to turn this into a small program.   I would like to pull the data that will indicate the recommended version of software similar to this link -- https://software.cisco.com/research/home

Once I have this data I want to compare it to a list of gear and version then create a report.

Thanks All!!

would you mind if you try this on curl for troubleshooting purposes?

Accessing the Cisco PSIRT openVuln API Using curl

Also, can you try to make the Grant Type to Client Credential instead?

If found several tutorial regarding this and all of them are using that grant type (example link below)

https://github.com/CiscoPSIRT/openVulnAPI/tree/master/openVulnQuery

HI,

 

im new to this too, and would like some help please

i went through what has been said before, but when i make a call, i get an access denied.

im using the csapi-inventory API

any idea?

Hi Keith,

Sorry to bother you. To summarize my predicament:-


{"download_session_id":"65191032"
"download_retry_id":"57283157"
"service_status":"success"
"asd_service_response_exception":null
"asd_download_acceptance_exception":[]
"download_info_list":[
{"download_url":null
"image_guid":"7153245D64FBDB79F557FB5E3C065A52160E92B4"
"image_full_name":"c2960-lanlitek9-mz.150-2.SE11.bin"
"asd_download_url_exception":[
{"exception_code":"LOGIN_REQD"
"exception_message":"To Download this software
you must Log In with your Cisco.com user ID."}]
"cloud_url":null
"token":null}

 

The Curl I am trying to logon with:-

curl -s -k -H "Content-Type: application/x-www-form-urlencoded" -X POST -d "client_id=My API Client ID" -d "client_secret=My API Secret" -d "code=I used the TOKEN from the previous call" -d "redirect_uri=xxxx-xxx-xxx-xxx" -d "grant_type=authorization_code" https://cloudsso.cisco.com/as/token.oauth2

 

Response:  {"error":"unauthorized_client"}

I can download the files manually but we need to automate this process. Any help would be appreciated.

Thanks,

Simon

Having the same problem here.  The documentation does not include how to get the token propertly

Hi

 

The Client ID is the same App Key?