How to allow calls to run_command API
This API allows you to call IBM i commands. Requests to this API must be authorized using OAuth2 token with "run_command" in its scope.
- Step 1
- Register two users on IBM i. The first will be used as a demonstrative OAuth2 resource owner, and the second one as an OAuth2 client.
- Step 2
- Contact your system administrator for your IBM i server host name (or IP) and two available ports for "main" and "management" gates of your first i2Rest Server instance. Create file config.json (you can name it with any name and put it into any available IFS folder). Сopy and paste the snippet bellow. Replace with appropriate values highlighted with bold parts: host_name, ports, pcml_file, user (resource owner) and client. We will start with simplest non-encrypted connections, so please leave http as a protocol.
For clarity, differences with Basic configuration are highlighted in gray:
{
"gates":
{
"main" : {"url":"http://<host_name>[:port] (for example api.i2rest.com:1234)"},
"management" : {"url":"http://<host_name>[:port] (for example api.i2rest.com:4321)"}
},
"session_systems":
[
{ "name" : "*LOCAL",
"submit" : SBMJOB JOB(I2RESTS) \
USER(${user}) \
CMD(CALL I2REST \
PARM('-session' \
'-url' '${surl}' \
'-uid' '${uid}' \
'-user' '${user}')) \
'-init' 'ADDLIBLE I2REST'))" \
}
],
"OAuth2":
{
"scopes": {"run_command" : {"description":"IBM i command call"}},
"users":
{
"USRX":{"description":"John Johnes","valid_clients":{"TSTCLNT":{"scopes":["run_command"]}}}
},
"clients":
{
"TSTCLNT":{"redirect_uri":"<main gate URL>/oauth2/redirect",
"description":"Test client",
"valid_scopes":["run_command"],
"valid_grant_types":["authorization_code"]}
}
}
}
Now you are ready to start serve run_command API.
