06-07-2017 01:43 PM
Hello,
I'm very new to working with API's so apologies in advance.
I'm using Postman for testing the EoX API and others. I'm using Get New Access Token to request a token using Grant Type: Authorization Code. I have my application registered on the Cisco API Console and have a Client ID and Client Secret ID. The Cisco OAuth v2.0 Token Developer Guide is a bit confusing (to me) as to which URL's to use for Auth URL and Access Token URL.
Can anyone help clarify this for me?
Much appreciated.
Regards,
Mark
Solved! Go to Solution.
06-07-2017 05:21 PM
Hi Mark,
I am not quite sure how Postman would work using the Auth Code grant type - I never tried to make that work. Auth Code requires a web page (the "Redirection-URL" you entered when you created the app and selected Auth Code) that the token server will redirect the request to once the token is generated. I really don't know how that would play with Postman. Perhaps other experts might chime in.
I typically use the grant type of client credentials when working in Postman. If you are new to API development, client cred is probably the easiest place to start with since it's a two-legged authentication process and is relatively simple. Once you get it working and can use the resulting token to make calls to the APIs, you can then experiment with the other grant types.
But you asked specifically about auth code and the URLs it needs, which really has nothing to do with Postman, so... Your first call is a GET to https://cloudsso.cisco.com/as/authorization.oauth2?response_type=code&client_id=<your client id>.
Once the user logs in, the code that is generated is used in a POST to https://cloudsso.cisco.com/as/token.oauth2 using the code, your client id and client secret. That request would look something like the curl call:
curl -s -k -H "Content-Type: application/x-www-form-urlencoded" -X POST
-d "client_id=<your client id>"
-d "client_secret=<your client sercret>"
-d "code=<the generated code from the previous call>"
-d "redirect_uri=<your redirection url>"
-d "grant_type=authorization_code" https://cloudsso.cisco.com/as/token.oauth2
That should generate the token, which you can then use to make calls to the EOX API.
HTH,
Keith
06-07-2017 05:21 PM
Hi Mark,
I am not quite sure how Postman would work using the Auth Code grant type - I never tried to make that work. Auth Code requires a web page (the "Redirection-URL" you entered when you created the app and selected Auth Code) that the token server will redirect the request to once the token is generated. I really don't know how that would play with Postman. Perhaps other experts might chime in.
I typically use the grant type of client credentials when working in Postman. If you are new to API development, client cred is probably the easiest place to start with since it's a two-legged authentication process and is relatively simple. Once you get it working and can use the resulting token to make calls to the APIs, you can then experiment with the other grant types.
But you asked specifically about auth code and the URLs it needs, which really has nothing to do with Postman, so... Your first call is a GET to https://cloudsso.cisco.com/as/authorization.oauth2?response_type=code&client_id=<your client id>.
Once the user logs in, the code that is generated is used in a POST to https://cloudsso.cisco.com/as/token.oauth2 using the code, your client id and client secret. That request would look something like the curl call:
curl -s -k -H "Content-Type: application/x-www-form-urlencoded" -X POST
-d "client_id=<your client id>"
-d "client_secret=<your client sercret>"
-d "code=<the generated code from the previous call>"
-d "redirect_uri=<your redirection url>"
-d "grant_type=authorization_code" https://cloudsso.cisco.com/as/token.oauth2
That should generate the token, which you can then use to make calls to the EOX API.
HTH,
Keith
06-08-2017 05:55 AM
Hi Keith,
That helped a lot! I got the Auth Code grant type working using Postman. See below
Using Postman to request EoX information for a Serial Number using Grant type Authorization Code
06-11-2018 01:53 PM
Any new updates to this process. The links on the API pages are missing or not well documented. I am very new to the OAuth process. I am following the recommendations seen here to use Postman and Client Credentials with no luck at all.
Thanks!
06-11-2018 03:14 PM
Hi,
I am not sure what updates you might be looking for. Mark did a nice job outlining the process for using Auth Code with Postman. But you specifically mention client credentials, which should work in Postman without much special setup - just a call to cloudsso to generate the token and than a call to the API gateway with that token to API itself.
So what issue are you facing? Are you generating a token that doesn't work when calling the API? Are you having problems generating the token?
Regards,
Keith
06-11-2018 03:32 PM
I am getting a json 0 error in postman. I have not been able to get from the clientID to the key. I feel pretty good about the process once I get the key. The key process appears to be far more complicated than I would expect.
Thanks
Get Outlook for iOS<https://aka.ms/o0ukef>
06-12-2018 11:00 AM
Perhaps you could start at the beginning - which API are you trying to use? Do you see it in the My APIs section of the API Console (https://apiconsole.cisco.com/apps/myapis)? Have you registered an app for the API, thus getting a client ID and secret for the API? What request are you making in Postman that is giving you the error (and what is the HTTP status)?
https://apiconsole.cisco.com/documentation outlines the steps to register an application, make the call to get the token, and make the call to API itself.
What's missing is how to get the API into your My APIs list. That's dependent on the API. For the Support APIs, you must be an SNTC customer or a PSS partner and have gone through their associated on-boarding process (found at the top of https://developer.cisco.com/site/support-apis/).
Regards,
Keith
06-12-2018 11:14 AM
Starting from scratch. I have the below API setup started.
I am not able to use postman to turn the Client ID and secret into a key. I receive a JSON 0 error. I then moved on to a Python example. I am able to get that example to generate the key however the code appears to require 3.x to use the key and that version will not generate the key. That detail is from this post -- PSIRT - openVuln API Authorization Error.
In Python 3.x I am getting a SSL handshake error that appears in a lot of discussion boards but I have yet to find an answer.
In Python 2.x Request is not valid.
What I am looking to accomplish is this:
I would love to test this in Postman but Python would be fine as well since I hope to turn this into a small program. I would like to pull the data that will indicate the recommended version of software similar to this link -- https://software.cisco.com/research/home
Once I have this data I want to compare it to a list of gear and version then create a report.
Thanks All!!
06-13-2018 04:41 AM
would you mind if you try this on curl for troubleshooting purposes?
Accessing the Cisco PSIRT openVuln API Using curl
Also, can you try to make the Grant Type to Client Credential instead?
If found several tutorial regarding this and all of them are using that grant type (example link below)
https://github.com/CiscoPSIRT/openVulnAPI/tree/master/openVulnQuery
01-18-2021 05:24 AM
HI,
im new to this too, and would like some help please
i went through what has been said before, but when i make a call, i get an access denied.
im using the csapi-inventory API
any idea?
07-11-2019 07:53 AM
Hi Keith,
Sorry to bother you. To summarize my predicament:-
{"download_session_id":"65191032"
"download_retry_id":"57283157"
"service_status":"success"
"asd_service_response_exception":null
"asd_download_acceptance_exception":[]
"download_info_list":[
{"download_url":null
"image_guid":"7153245D64FBDB79F557FB5E3C065A52160E92B4"
"image_full_name":"c2960-lanlitek9-mz.150-2.SE11.bin"
"asd_download_url_exception":[
{"exception_code":"LOGIN_REQD"
"exception_message":"To Download this software
you must Log In with your Cisco.com user ID."}]
"cloud_url":null
"token":null}
The Curl I am trying to logon with:-
curl -s -k -H "Content-Type: application/x-www-form-urlencoded" -X POST -d "client_id=My API Client ID" -d "client_secret=My API Secret" -d "code=I used the TOKEN from the previous call" -d "redirect_uri=xxxx-xxx-xxx-xxx" -d "grant_type=authorization_code" https://cloudsso.cisco.com/as/token.oauth2
Response: {"error":"unauthorized_client"}
I can download the files manually but we need to automate this process. Any help would be appreciated.
Thanks,
Simon
08-03-2020 03:40 PM