Get the API key of the user through REST API
|Assignee:||Jean-Philippe Lang||% Done:|
I'm trying to write an automated test in Redmine Java API for case when getUsers() throws AuthorizationException for non-admin.
to do that, I first create a new user through REST API (using admin account), and then I want to send "getUsers()" request with the new user's API access key.
the problem is that I don't see a way to retrieve the API key of the user I just created.
I understand this is probably due to security reasons.
what's the right way to solve this problem?
it would be great if REST API supported the concept of "login" so that REST users would be able to "login" through REST API using their login&password (instead of API access key!) and then they'd receive some "session key" they could use temporarily for this session.
this would eliminate the problem I described above, and plus simplify the REST API usage in various UIs (people are often confused about "api access key", they want to use their login&password).
#2 Updated by Frank Schwarz over 9 years ago
It would be great for (mobile) apps to retrieve the API key:
- the mobile app asks for username and password
- the mobile app logs in using basic authentication (with an https url)
- the app retrieves the api key of the currently logged in user
- the app stores the api key permanently for authenticating the user the next time
#3 Updated by Jean-Philippe Lang over 9 years ago
- Subject changed from get the api key of the user through REST API to Get the API key of the user through REST API
- Status changed from New to Resolved
- Assignee set to Jean-Philippe Lang
- Target version set to 2.3.0
- Resolution set to Fixed
Good point. API key added in r11518 to