Difference between revisions of "Management API config"

From i2Rest
Jump to: navigation, search
 
(23 intermediate revisions by 2 users not shown)
Line 1: Line 1:
[[Management_APIs|Management APIs]] includes functions that can be used to do some management stuff - change runtime parameters, query current status of server instance, etc. OAuth2 token with management_functions scope is required for any management Api call.
+
{{DISPLAYTITLE:How to allow calls to management API}}
 +
[[Management_APIs|Management APIs]] includes functions that can be used to do some management stuff - change runtime parameters, query current status of server instance, etc. OAuth2 token with management_functions [[I2Rest_scopes#|scope]] is required for any management Api call.
  
 
;Step 1
 
;Step 1
 
:Register two users on IBM i.
 
:Register two users on IBM i.
 
;Step 2
 
;Step 2
:Contact your system administrator for your IBM i server host name (or IP) and ''two'' available ports for "main" and "management" gates of your first i2Rest Server instance. Create file config.json (you can name it with any name and put it into any available IFS folder). Enter following text, replace host_name, ports, user (must be a regestered IBM i user) and client (must be a regestered IBM i user) with appropriate values.<bt>
+
:Contact your system administrator for your IBM i server host name (or IP) and ''two'' available ports for "main" and "management" gates of your first i2Rest Server instance. Create file config.json (you can name it with any name and put it into any available IFS folder). Сopy and paste the snippet bellow. Replace with appropriate values highlighted with <b>bold</b> parts: host_name, ports, user (resource owner) and client.
[[I2Rest_quick_config|Basic configuration]] management API variant (differences are highlighted in <span style="background:#00FFFF;">blue</span>):
+
For clarity, differences with [[I2Rest_quick_config|Basic configuration]] are highlighted in <span style="background:#D3D3D3;">gray</span>:
 +
 
  
 
  {
 
  {
 
     "gates":
 
     "gates":
 
     {
 
     {
       "main"      : {"url":"http://<span style="color:red;"><host_name>[:port] (for example api.i2rest.com:1234)</span>"},
+
       "main"      : {"url":"http://'''<host_name>[:port] (for example api.i2rest.com:1234)'''"},
       "management" : {"url":"http://<span style="color:red;"><host_name>[:port] (for example api.i2rest.com:4321)</span>"}
+
       "management" : {"url":"http://'''<host_name>[:port] (for example api.i2rest.com:4321)'''"}
 
     },
 
     },
    "session_systems":
+
  <span style="background:#D3D3D3;">   "OAuth2":
    [
 
      { "name"  : "*ANONYMOUS",
 
          "submit" : "SBMJOB JOB(I2RESTA)                \
 
                            USER(${user})              \
 
                            CMD(CALL I2REST            \
 
                                PARM('-session'          \
 
                                    '-url' '${surl}'    \
 
                                    '-uid' '${uid}'    \
 
                                    '-user' '${user}')) \
 
                            INLLIBL(I2REST)"
 
      }
 
    ],
 
    <span style="background:#00FFFF;">
 
    "OAuth2":
 
 
     {
 
     {
 
       "scopes": {"management_functions" : {"description":"i2Rest management APIs call"}
 
       "scopes": {"management_functions" : {"description":"i2Rest management APIs call"}
Line 33: Line 21:
 
       "users":
 
       "users":
 
       {
 
       {
         "<span style="color:red;">USRX</span>":{"description":"<span style="color:red;">John Johnes</span>","valid_clients":{"<span style="color:red;">TSTCLNT</span>":{"scopes":["management_functions"]}}}
+
         "'''USRX'''":{"description":"'''John Johnes'''","valid_clients":{"'''TSTCLNT'''":{"scopes":["management_functions"]}}}
 
       },
 
       },
 
       "clients":
 
       "clients":
 
       {
 
       {
         "<span style="color:red;">TSTCLNT</span>":{"redirect_uri":"<span style="color:red;"><main gate URL></span>/oauth2/redirect",  
+
         "'''TSTCLNT'''":{"redirect_uri":"'''<main gate URL>'''/oauth2/redirect",  
 
                     "description":"Test client",  
 
                     "description":"Test client",  
 
                     "valid_scopes":["management_functions"],
 
                     "valid_scopes":["management_functions"],
Line 45: Line 33:
 
     }</span>  
 
     }</span>  
 
  }
 
  }
==Мanagement API call==
+
 
So, what you have to do before we can test Мanagement API call to i2Rest Server:
+
Please take a look how to [[Auth_profile_SoapUI|obtain Oauth2 token from i2Rest Server with SoapUI]], and than proceed to [[Managment_API_SoapUI|Management api authorized call]].
:a)
 
:b) Fill the [[I2Rest_Advanced_Setup#Oauth2_obj_template|OAuth2 object template]] above with IBM i users values. Then add the snippet to your [[I2Rest_quick_config|basic server configuration]](with or without ssl protection) and put your new *.json anywhere on IBM i IFS.
 
:c) Restart server to apply your new configuration *.json.   
 
Now let's test the configuration obtaining [[Auth_profile_SoapUI|Oauth2 token with SoapUI]], and than proceed to [[Manage_API_SoapUI|Management api authorized call]].
 

Latest revision as of 14:26, 9 July 2020

Management APIs includes functions that can be used to do some management stuff - change runtime parameters, query current status of server instance, etc. OAuth2 token with management_functions scope is required for any management Api call.

Step 1
Register two users on IBM i.
Step 2
Contact your system administrator for your IBM i server host name (or IP) and two available ports for "main" and "management" gates of your first i2Rest Server instance. Create file config.json (you can name it with any name and put it into any available IFS folder). Сopy and paste the snippet bellow. Replace with appropriate values highlighted with bold parts: host_name, ports, user (resource owner) and client.

For clarity, differences with Basic configuration are highlighted in gray: 


{
   "gates":
   {
      "main"       : {"url":"http://<host_name>[:port] (for example api.i2rest.com:1234)"},
      "management" : {"url":"http://<host_name>[:port] (for example api.i2rest.com:4321)"}
   },
   "OAuth2":
   {
     "scopes": {"management_functions" : {"description":"i2Rest management APIs call"}
     },
     "users":
     {
        "USRX":{"description":"John Johnes","valid_clients":{"TSTCLNT":{"scopes":["management_functions"]}}}
     },
     "clients":
     {
        "TSTCLNT":{"redirect_uri":"<main gate URL>/oauth2/redirect", 
                   "description":"Test client", 
                   "valid_scopes":["management_functions"],
                   "valid_grant_types":["authorization_code"]}
     },
     "tokens": {"type":"token"},"codes":{"type":"code"}
   } 
}

Please take a look how to obtain Oauth2 token from i2Rest Server with SoapUI, and than proceed to Management api authorized call.

Retrieved from "https://www.i2rest.com/index.php?title=Management_API_config&oldid=1678"