Has anyone gotten the API to work?

I've been trying to play around with the API but I keep bouncing off the unauthorized error. I'm trying:

curl -H 'Authorization: Bearer TestToken3:<secret jibberish>' https://<myserver>:8043/data/api/v1/gateway-info

Then I get back:

<html>
<head>
<meta http-equiv="Content-Type" content="text/html;charset=ISO-8859-1"/>
<title>Error 401 Unauthorized</title>
</head>
<body><h2>HTTP ERROR 401 Unauthorized</h2>
<table>
<tr><th>URI:</th><td>/data/api/v1/gateway-info</td></tr>
<tr><th>STATUS:</th><td>401</td></tr>
<tr><th>MESSAGE:</th><td>Unauthorized</td></tr>
</table>

</body>
</html>

I've checked and my token is enabled.

It's not an authorization/bearer token (I don't remember the reason why).

Pass your token as the value (no preamble) of a X-Ignition-API-Token header.

Like this:

curl -H 'X-Ignition-API-Token: TestToken3:<secret>' https://<server>:8043/data/api/v1/gateway-info

Because now I get a forbidden error.

What security levels does your token have? It has to be given a permission that has read access to the gateway:

In /app/platform/security/settings:

image2002×712 43.7 KB

In /app/platform/security/api-keys:

image868×1142 49.1 KB

curl -H 'X-Ignition-API-Token: test:xxx' http://localhost:8088/data/api/v1/gateway-info
Returns:

{
    "allowUnsignedModules": true,
    "deploymentMode": "",
    "edition": "standard",
    "hostname": "localhost",
    "ignitionVersion": "(Dev Version)",
    "jvmVersion": "17.0.15",
    "license":
    {
        "expirationDate": "Jul 29, 2025, 11:46:15 AM",
        "licenseRestrictions":
        [],
        "mode": "Trial",
        "validForVersion": 0
    },
    "name": "Ignition-DV-pgriffith-MBP",
    "port": "8088",
    "redundancyRole": "Independent",
    "timeZone": "Pacific Standard Time",
    "timeZoneId": "America/Los_Angeles"
}

I don't have an API checkbox in my gateway permissions configuration:

image853×452 18.6 KB

You'll need to create a new Security Level. Go to http://gatewayIP:Port/app/platform/security/levels, highlight "Public" and select "Add Level". Make sure you update your API Key to use this new level.

That's got it, thank you.

Note for the devs: the API docs show a bearer token in their example. This is confusing.

Which API docs are you referring to by this? Not doubting you - just trying to see where we can iron out the confusion.

It's the example at the bottom in the manual for openapi. I tried this earlier and was also unsuccessful. I couldn't get it to work using a Perspective HTTP binding either, but I didn't have any security levels setup.

curl -H "Authorization: Bearer YOUR_TOKEN" \
https://:8088/data/mymodule/api/v1/getItem/abc-123

Edit: BTW, this openapi is amazing! You guys did an amazing job with all of 8.3 but this especially is mind blowing to me.

I've seen some of the endpoints working as you can put the link in another tab in your browser if you're signed in with someone with authorization in another tab.

Yes, because the browser session is being used as the requester. Note that you'll only be able to perform GET requests via this method. Any sort of update request (create/edit/rename/copy/move/delete) will need to be done via a terminal or ReST client, like Postman or Bruno.

Postman worked as well as a script in the script console.
I'm guessing the HTTP binding isn't setup to use the "X-Ignition-API-Token" in the header as it's not an option in the dropdown. I get this error in the output console:

"23:33:41.053 [Browser Thread: aecfbd1b-fd53-4065-ae8a-319200789da7] WARN Perspective.Designer.Workspace -- level: WARNING
message: "store.Designer: Failed to write to component '0'. TypeError: Cannot destructure property 'readyState' of 'this.webSocket' as it is null."
line_number: 2
source: "http://localhost:8088/res/perspective/js/PerspectiveClient.c5eb5a2782e4a5c4105b.js""