Back to Community Threads
1
Which logs to troubleshoot API access?
Question asked by AWRData - 3/31/2024 at 9:03 PM
Answered
In which logs will I find API access attempts?  I need to troubleshoot my API scripts.

8 Replies

Reply to Thread
0
AWRData Replied
4/11/2024 at 2:40 PM
Anyone?
0
Zach Sylvester Replied
4/11/2024 at 3:08 PM
Employee Post
Hello, 

Thank you for reaching out regarding this question. There isn't a log that will show failed API attempts. You can see successful actions in the administrative log but it will not show you if you're missing inputs etc. 
If you can share your script the community may be able to help you out here. 

Thanks, 
Zach Sylvester System/Network Administrator SmarterTools Inc. (877) 357-6278 www.smartertools.com
1
Kyle Kerst Replied
4/11/2024 at 4:47 PM
Employee Post
You can also check the IIS log files for your SmarterMail site as it may show specific error messages or other clues. Running something like Fiddler Web Debugger (with HTTPS decryption enabled) might also shed some light on the failure.
Kyle Kerst System/Network Administrator SmarterTools Inc. (877) 357-6278 www.smartertools.com
0
AWRData Replied
4/15/2024 at 5:52 PM
I am attempting to retrieve an authentication token using curl.

The file auth.json contains this:
{"username":"{adminuser}",
 "password":"{password}"}
I attempt to obtain an authentication token:
curl -d auth.json -H "Content-Type: application/json" -o token.txt https://webmail.mydomain.com/api/v1/auth/login-settings
This returns an http error 405, method not allowed.  Note -d implies -X POST.  This is what curl reports:
< HTTP/2 405
< allow: GET
0
AWRData Replied
4/15/2024 at 6:05 PM
I may have an answer which I will test, but wanted a preemptive post.  I am not sure where I got that URL, but it appears I am using the wrong URL for authentication.  More news soon.
0
AWRData Replied
4/15/2024 at 6:12 PM
I changed the URL to
http(s)://SERVER_ADDRESS/api/v1/auth/authenticate-user
(With obvious changes.)  Now I get a 400 error, with this returned in token.txt:

{"message":"Validation errors: [, Unexpected character encountered while parsing value: w. Path '', line 0, position 0.]","success":
false}
Looks like my json packet might be malformed.
0
AWRData Replied
4/15/2024 at 8:48 PM
Marked As Answer
I fixed it.  The problem was a simple matter of understanding command line syntax.  The proper syntax when using json data contained within a file is to reference the file with the "@" prefix.  e.g.
curl -d @webmail.json -H "Content-Type: application/json" -o token.txt https://[SERVER_ADDRESS]/api/v1/auth/authenticate-user
The returned the expect HTTP 200 result, along with a token.txt file filled with expected data.
0
AWRData Replied
4/15/2024 at 9:19 PM
An example of doing the same thing in PowerShell using Invoke-WebRequest:

$response = Invoke-WebRequest -uri https://[SERVER_ADDRESS]/api/v1/auth/authenticate-user -ContentType "application/json" -Method post -Body ($api|ConvertTo-JSON)
In this, $api is a hash containing two elements: username and password.  You can also use json file data directly using Get-Content in the -Body argument.

If successful, $response will be a hash of the session data.  You can then extract what you need:
$content = $response.Content | ConvertFrom-JSON
In the exercise of authenticating, $content.accessToken will contain the authentication token we need.

This part is mostly academic for me, as my primary purposes put me in a non-PowerShell environment.  Nonetheless, this could prove useful later.
Back to Community Threads

Reply to Thread

Related Knowledge Base Articles

Upgrading SmarterMail (Domain Conversion)SmarterMail > Installation and Configuration
Set up Autodiscover for SmarterMailSmarterMail > Installation and Configuration
Troubleshooting SmarterMail Automatic SSL CertificatesSmarterMail > Troubleshooting
Deploying Rspamd For Use With SmarterMailSmarterMail > Server Configuration and Management
Reset Administrator Username and PasswordSmarterMail > Installation and Configuration