• How to Create API User

  • We tried to make OpenKM as intuitive as possible, but an advice is always welcome.
We tried to make OpenKM as intuitive as possible, but an advice is always welcome.
Forum rules: Please, before asking something see the documentation wiki or use the search feature of the forum. And remember we don't have a crystal ball or mental readers, so if you post about an issue tell us which OpenKM are you using and also the browser and operating system version. For more info read How to Report Bugs Effectively.
 #43654  by kstjohn
 
New user here - Professional 6.3.3
I have been searching through the docs for the procedure to setup an API user but can't seem to find any information. Normally I would generate an API key and pass this along to the user along with a username and password. But I find nothing on creating a key or user.

I would appreciate someone explaining this to me as I suspect OKM has its own procedure. Thanks in advance!
 #43661  by kstjohn
 
Perhaps I am not making myself clear.

In applications I have used before, only an authorized API user can use API to access the application. The security procedure usually involves giving the API user a username, password, and an API security key such as "b9736924bb974e2c8450". He must use this information to login first before the system allows him to use the API methods.

Normally there is a method for the administrator to generate this security key so he can provide it to the API user along with his username and password.

I can find no details on the method to generate a security key or an API method for the API user to login with. Perhaps this is not necessary with OKM?
 #43665  by jllort
 
Use a token ( security key ) has been a common way to get authorization to webservices ( specially in the last years ), but not the only. 3-5 years ago we set "Basic authentication" for accessing webservices ( I'm talking about REST implementation ), as you can see if you accessing directly to the webservices resources will require you to set user name and password for each remote process call. OpenKM SOAP webservices works with token, but not REST ( there we have a login method what returns token and also a logout one ). Anyway we do not suggest use SOAP we only maintaining for .

At the present we have still not changed to token solution. That not means be wrong implementation, simply it's another way to solve authentication process. Actually we are working in CAS authentication what requires token, that mean we are working on moving it in professional edition. If you want to collaborate in changing in community version you are welcome.

About Us

OpenKM is part of the management software. A management software is a program that facilitates the accomplishment of administrative tasks. OpenKM is a document management system that allows you to manage business content and workflow in a more efficient way. Document managers guarantee data protection by establishing information security for business content.