Difference between revisions of "Run command Api config"
Pavel.lobko (talk | contribs) |
|||
| Line 1: | Line 1: | ||
{{DISPLAYTITLE:How to allow calls to run_command API}} | {{DISPLAYTITLE:How to allow calls to run_command API}} | ||
| − | This API allows you to call IBM i commands | + | This API allows you to call IBM i commands. Requests to this API must be authorized using OAuth2 token with "run_command" in its [[I2Rest_scopes#|scope]]. |
;Step 1 | ;Step 1 | ||
| − | :Register two users on IBM i. | + | :Register two users on IBM i. One will be used as a demonstrative OAuth2 resource owner, and the second one as an OAuth2 client. |
;Step 2 | ;Step 2 | ||
| − | :Contact your system administrator for your IBM i server host name (or IP) and ''two'' available ports for "main" and "management" gates of your first i2Rest Server instance. Create file config.json (you can name it with any name and put it into any available IFS folder). Enter following text, replace host_name, ports, user ( | + | :Contact your system administrator for your IBM i server host name (or IP) and ''two'' available ports for "main" and "management" gates of your first i2Rest Server instance. Create file config.json (you can name it with any name and put it into any available IFS folder). Enter following text, replace host_name, ports, pcml_file, user (resource owner) and client (highlighted with <b>bold</b>) with appropriate values. We will start with simplest non-encrypted connections, so please leave http as a protocol.<br/>For clarity, differences with [[I2Rest_quick_config|Basic configuration]] are highlighted in <span style="background:#D3D3D3;">gray</span>: |
| − | [[I2Rest_quick_config|Basic configuration]] | ||
{ | { | ||
"gates": | "gates": | ||
{ | { | ||
| − | "main" : {"url":"http://< | + | "main" : {"url":"http://<b><host_name>[:port] (for example api.i2rest.com:1234)</b>"}, |
| − | "management" : {"url":"http://< | + | "management" : {"url":"http://<b><host_name>[:port] (for example api.i2rest.com:4321)</b>"} |
}, | }, | ||
"session_systems": | "session_systems": | ||
[ | [ | ||
| − | <span style="background:# | + | <span style="background:#D3D3D3;">{ "name" : "*LOCAL", |
"submit" : SBMJOB JOB(I2RESTS) \ | "submit" : SBMJOB JOB(I2RESTS) \ | ||
USER(${user}) \ | USER(${user}) \ | ||
| Line 26: | Line 25: | ||
'-init' 'ADDLIBLE I2REST'))" \ | '-init' 'ADDLIBLE I2REST'))" \ | ||
}</span> | }</span> | ||
| − | ] | + | ]<span style="background:#D3D3D3;">, |
| − | + | "OAuth2": | |
{ | { | ||
| − | "scopes": {"run_command" : {"description":"IBM i command call"} | + | "scopes": {"run_command" : {"description":"IBM i command call"}}, |
| − | |||
"users": | "users": | ||
{ | { | ||
| − | "< | + | "<b>USRX</b>":{"description":"<b>John Johnes</b>","valid_clients":{"<b>TSTCLNT</b>":{"scopes":["run_command"]}}} |
}, | }, | ||
"clients": | "clients": | ||
{ | { | ||
| − | "< | + | "<b>TSTCLNT</b>":{"redirect_uri":"<b><main gate URL></b>/oauth2/redirect", |
"description":"Test client", | "description":"Test client", | ||
"valid_scopes":["run_command"], | "valid_scopes":["run_command"], | ||
"valid_grant_types":["authorization_code"]} | "valid_grant_types":["authorization_code"]} | ||
| − | + | } | |
| − | |||
}</span> | }</span> | ||
} | } | ||
| + | |||
| + | Now you are ready to [[I2Rest_Start|start]] serving run_command API.<br/> | ||
| + | Please look at [[I2Rest_Command_Call_Test|How to test run_command API]] for further information. | ||
Revision as of 10:09, 8 July 2020
This API allows you to call IBM i commands. Requests to this API must be authorized using OAuth2 token with "run_command" in its scope.
- Step 1
- Register two users on IBM i. One will be used as a demonstrative OAuth2 resource owner, and the second one as an OAuth2 client.
- Step 2
- Contact your system administrator for your IBM i server host name (or IP) and two available ports for "main" and "management" gates of your first i2Rest Server instance. Create file config.json (you can name it with any name and put it into any available IFS folder). Enter following text, replace host_name, ports, pcml_file, user (resource owner) and client (highlighted with bold) with appropriate values. We will start with simplest non-encrypted connections, so please leave http as a protocol.
For clarity, differences with Basic configuration are highlighted in gray:
{
"gates":
{
"main" : {"url":"http://<host_name>[:port] (for example api.i2rest.com:1234)"},
"management" : {"url":"http://<host_name>[:port] (for example api.i2rest.com:4321)"}
},
"session_systems":
[
{ "name" : "*LOCAL",
"submit" : SBMJOB JOB(I2RESTS) \
USER(${user}) \
CMD(CALL I2REST \
PARM('-session' \
'-url' '${surl}' \
'-uid' '${uid}' \
'-user' '${user}')) \
'-init' 'ADDLIBLE I2REST'))" \
}
],
"OAuth2":
{
"scopes": {"run_command" : {"description":"IBM i command call"}},
"users":
{
"USRX":{"description":"John Johnes","valid_clients":{"TSTCLNT":{"scopes":["run_command"]}}}
},
"clients":
{
"TSTCLNT":{"redirect_uri":"<main gate URL>/oauth2/redirect",
"description":"Test client",
"valid_scopes":["run_command"],
"valid_grant_types":["authorization_code"]}
}
}
}
Now you are ready to start serving run_command API.
Please look at How to test run_command API for further information.
