1

Discussion of new authorization method (oAuth)

We've implemented a new, modern and more secure authorization method in Wialon.
Here we will answer all the questions about it and help you to overcome all implementation problems.
Blog article
Instructions file

Head of Wialon Local Department
Gurtam
2

Re: Discussion of new authorization method (oAuth)

Hi, I am trying to figure out how to implement new login details mentioned here

http://weblog.gurtam.com/wp-content/upl … -Authoriza

I am trying to follow below to create token
http://sdk.wialon.com/wiki/en/sidebar/r … oken/token

My api call looks like (in below example userid is replaced with 0s, app name is replaced with myapp  )

http://hst-api.wialon.com/wialon/ajax.html?svc=token/update&params={"callMode":"create","userId":"0000000","h":"","app":"myapp","at":0,"dur":604800,"fl":256, "p":"","items":["":""],"deleteAll":""}

I receive error 4 and am not really sure what's wrong with the above input. I could really use some help, thanks

3

Re: Discussion of new authorization method (oAuth)

Hello.
Parameter "items" should contain an array of item ids, for example [1234,568]

Head of Wialon Local Department
Gurtam
4

Re: Discussion of new authorization method (oAuth)

Thanks, and what should I use as item id, my userid or ..?
Because I just tried with my userid and now I get Error 7, while I could successfully create a token using the standard login form (i.e. there is no reason to have my access denied..)

5

Re: Discussion of new authorization method (oAuth)

There is not enough info in docs - we'll add more details.
Parameter "userId" is optional. You can pass id of another user.
Then if you have access right Operate as (0x200000) to this user
you'll create/update/delete tokens of this user.

In your case don't send userId.
As for "items" - you can pass there the ids of the items you want your token to have access to.
There is no need to pass id of current user. You can pass id of resources, units and so on.

Head of Wialon Local Department
Gurtam
6

Re: Discussion of new authorization method (oAuth)

Ok, thanks, but I am not sure about the resource ids I will need to monitor, these may vary within a customer account.
This is my real-life API URL which still returns Error 7 while I can actually create a token manually through the simple form

Any other ideas what might be wrong with this token creation api url?

http://hst-api.wialon.com/wialon/ajax.html?svc=token/update&params={"callMode":"create","userId":"1154069","h":"","app":"mywialonapp1","at":0,"dur":604800,"fl":256,"p":"","items":[],"deleteAll":""}

7

Re: Discussion of new authorization method (oAuth)

This request is for managing tokens after being authorized. In most cases you don't need this request.

To authorize to wialon in your app/site now you should use our oAuth form (http://hosting.wialon.com/login.html or http://your.dns.com/login.html).
Example on playground

But if you were successfully authorized by token and then you need to manage tokens of current or other users you have access to - you can use this request.
For example to create manually your new token - use request http://hst-api.wialon.com/wialon/ajax.html?svc=token/update&params={"callMode":"create","app":"mywialonapp1","at":0,"dur":604800,"fl":256,"p":"{}","items":[]}

Head of Wialon Local Department
Gurtam
8

Re: Discussion of new authorization method (oAuth)

I am also getting error when creating token for different userId using admin authorization. I have authorized the admin using oAuth, got the sid using loginToken. Now when I try to create token for subuser, I get error 7.

What I want is to create token on behalf of subuser and use the generated token to createSession as subuser.

Request:
http://hst-api.wialon.com/wialon/ajax.html?svc=token/update&params={"callMode":"create","userId":"xxxxxxx","app":"","at":0,"dur":604800,"fl":256,"p":"{}","items":[xxxxxxx]}&sid=xxxxxxxxxxx

Response:
{
    "error": 7
}

It's unfortunate that documentation is very vague. Please suggest how to fix.

9

Re: Discussion of new authorization method (oAuth)

trakfamily wrote:

I am also getting error when creating token for different userId using admin authorization. I have authorized the admin using oAuth, got the sid using loginToken. Now when I try to create token for subuser, I get error 7.

What I want is to create token on behalf of subuser and use the generated token to createSession as subuser.

Request:
http://hst-api.wialon.com/wialon/ajax.html?svc=token/update&params={"callMode":"create","userId":"xxxxxxx","app":"","at":0,"dur":604800,"fl":256,"p":"{}","items":[xxxxxxx]}&sid=xxxxxxxxxxx

Response:
{
    "error": 7
}

It's unfortunate that documentation is very vague. Please suggest how to fix.

Please check that you were authorized by admin with full token access rights: access_type = -1
Also you should have access right Operate as (0x200000) to this user to create/update/delete tokens of this user.

Diana Cheley
Wialon Hosting Expert
Gurtam
10

(edited by trakfamily 28/08/2015 19:42:01)

Re: Discussion of new authorization method (oAuth)

chdi wrote:
trakfamily wrote:

I am also getting error when creating token for different userId using admin authorization. I have authorized the admin using oAuth, got the sid using loginToken. Now when I try to create token for subuser, I get error 7.

What I want is to create token on behalf of subuser and use the generated token to createSession as subuser.

Request:
http://hst-api.wialon.com/wialon/ajax.html?svc=token/update&params={"callMode":"create","userId":"xxxxxxx","app":"","at":0,"dur":604800,"fl":256,"p":"{}","items":[xxxxxxx]}&sid=xxxxxxxxxxx

Response:
{
    "error": 7
}

It's unfortunate that documentation is very vague. Please suggest how to fix.

Please check that you were authorized by admin with full token access rights: access_type = -1
Also you should have access right Operate as (0x200000) to this user to create/update/delete tokens of this user.

Dear chdi,
Thank you for your response.
Question: Please check that you were authorized by admin with full token access rights: access_type = -1
Answer: I am the creator of the user whose token I want to create. I am using the sid of the creator while calling token/update API above. Can you please suggest do I still need to set access_type = -1 and where I need to set access_type = -1

Question: Also you should have access right Operate as (0x200000) to this user to create/update/delete tokens of this user.
Answer: I am the creator of the user, when I login into cmd.wialon.com and hosting.wialon.com using my login/password, I am able to do "Login as another user" for this user, so I presume I have all the rights.

Awaiting your response, and please excuse if my questions are too basic but I am struggling to create token for my sub-user using API. Please help how can I debug the issue.

11

Re: Discussion of new authorization method (oAuth)

trakfamily wrote:

Answer: I am the creator of the user whose token I want to create. I am using the sid of the creator while calling token/update API above. Can you please suggest do I still need to set access_type = -1 and where I need to set access_type = -1

If you authorized under user-creator through token, sure you should use the parameter access_type = -1 to get token
For example, http://hosting.wialon.com/login.html?cl … ion=604800
You can find the full parameters for Extend form here http://sdk.wialon.com/wiki/en/sidebar/r … ogin/login

Question: Also you should have access right Operate as (0x200000) to this user to create/update/delete tokens of this user.
Answer: I am the creator of the user, when I login into cmd.wialon.com and hosting.wialon.com using my login/password, I am able to do "Login as another user" for this user, so I presume I have all the rights.

Awaiting your response, and please excuse if my questions are too basic but I am struggling to create token for my sub-user using API. Please help how can I debug the issue.

Please also check that the ids of elements you set for "userID" and "items" are correct

Diana Cheley
Wialon Hosting Expert
Gurtam
12

Re: Discussion of new authorization method (oAuth)

chdi wrote:
trakfamily wrote:

Answer: I am the creator of the user whose token I want to create. I am using the sid of the creator while calling token/update API above. Can you please suggest do I still need to set access_type = -1 and where I need to set access_type = -1

If you authorized under user-creator through token, sure you should use the parameter access_type = -1 to get token
For example, http://hosting.wialon.com/login.html?cl … ion=604800
You can find the full parameters for Extend form here http://sdk.wialon.com/wiki/en/sidebar/r … ogin/login

Question: Also you should have access right Operate as (0x200000) to this user to create/update/delete tokens of this user.
Answer: I am the creator of the user, when I login into cmd.wialon.com and hosting.wialon.com using my login/password, I am able to do "Login as another user" for this user, so I presume I have all the rights.

Awaiting your response, and please excuse if my questions are too basic but I am struggling to create token for my sub-user using API. Please help how can I debug the issue.

Please also check that the ids of elements you set for "userID" and "items" are correct

Here are the steps that I performed-

1. To get the token for creator account, I used oauth URL- http://hosting.wialon.com/login.html?cl … ion=604800  and got the access_token for creator account.
2. Logged in with creator account using token/login remote API http://hst-api.wialon.com/wialon/ajax.html?svc=token/login&params={"token":xxxx}, got session id ("eid":xxx) in response.
3. Now to create token for subuser (i.e. of whom I am the creator) I called the following API-
http://hst-api.wialon.com/wialon/ajax.html?svc=token/update&params={"callMode":"create","userId":"12822687","app":"","at":0,"dur":604800,"fl":100,"p":"{}","items":["12822687"]}&sid=c066e3e906ffb24fda4ee72716f5eb5a 
Where userId and items are the user id of subuser for whom I want to generate token, and sid is the session id (i.e. eid field in step2). But I am still getting Error 7 in response.


Question-1 What does the "items" field in token/update API mean, wialon documentation says "list of item ids with token granted access"? What should I pass to create token for subuser?

Question-2 Can you please suggest what am I doing wrong in above steps? Unfortunately there is no example for http://sdk.wialon.com/wiki/en/sidebar/r … ken/update API in wialon playground.

Question-3 Has anyone used token/update API at all and found it working?

13

(edited by Diana 02/09/2015 01:04:14)

Re: Discussion of new authorization method (oAuth)

Dear trakfamily,

The steps are correct.
Add some name for parameter "app" - the application name should be defined for authorization.
For example,
http://hst-api.wialon.com/wialon/ajax.html?svc=token/update&params={"callMode":"create","userId":"12822687","app":"myapp","at":0,"dur":604800,"fl":256,"p":"{}","items":[]}&sid=your_sid

Also set a correct flag: "f":0x100 in hex or "f":256 in decimal

In field "items" you can define a list of element ids (other users, units, resources) for which this sub-user will have access rights according to this token
For example, "f":256 means Online tracking, so the sub-user can have basic access rights to "items"

Diana Cheley
Wialon Hosting Expert
Gurtam
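
An added example, not part of the original thread and not Gurtam's code: a Python helper that builds the token/update "create" request discussed above and rejects the input mistakes the thread ran into (a malformed "items" list, an empty "app"). The function name and default values are assumptions; the endpoint and parameter names are taken from the posts.

```python
import json
from urllib.parse import urlencode

# Endpoint exactly as used in the posts above.
API_URL = "http://hst-api.wialon.com/wialon/ajax.html"


def build_token_update(app, sid, items=(), user_id=None,
                       dur=604800, fl=256, at=0, p="{}"):
    """Return the URL for svc=token/update with callMode "create".

    Input is checked locally so the mistakes reported in the thread are
    caught before the request is sent.
    """
    if not isinstance(app, str) or not app.strip():
        # An empty "app" was the cause of the last failure in the thread.
        raise ValueError('"app" must be a non-empty application name')
    if not sid:
        raise ValueError("a session id obtained via token/login is required")

    item_ids = []
    for item in items:
        # "items" is an array of item ids such as [1234, 568];
        # values like "" (from ["":""]) are rejected here.
        if not str(item).isdigit():
            raise ValueError(f"invalid item id: {item!r}")
        item_ids.append(int(item))

    params = {"callMode": "create", "app": app, "at": at, "dur": dur,
              "fl": fl, "p": p, "items": item_ids}
    if user_id is not None:
        # Only when managing another user's tokens; per the replies this
        # needs the "Operate as" (0x200000) right on that user.
        params["userId"] = str(user_id)

    # urlencode percent-escapes the JSON so braces and quotes survive transport.
    query = urlencode({"svc": "token/update",
                       "params": json.dumps(params, separators=(",", ":")),
                       "sid": sid})
    return f"{API_URL}?{query}"


if __name__ == "__main__":
    # Constructed sample values, not real ids or sessions.
    print(build_token_update("myapp", "your_sid", items=[1234, 568]))
```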
14

Re: Discussion of new authorization method (oAuth)

Dear Chdi,
   Fixing the "app" parameter did the trick, thank you so much.

Now I am able to generate access_token for subuser using token/update remote API. After getting the token, I am using token/login remote API to generate "sid" for the subuser (Please note I am running these APIs on server to generate sid for user and pass the sid to client). But it looks like this sid does not work on the client machine because of the IP address change.
Here is what I want to achieve-
1. On our hosted server, generate sid or access_token for subuser.
2. Pass the link with sid/token (such as http://myserver.com/?sid=xxxxxxx) to customer so that customer can login just by clicking the link (without entering user/password).

Can you please suggest how I can achieve above?

15

Re: Discussion of new authorization method (oAuth)

trakfamily wrote:

Dear Chdi,
   Fixing the "app" parameter did the trick, thank you so much.

Now I am able to generate access_token for subuser using token/update remote API. After getting the token, I am using token/login remote API to generate "sid" for the subuser (Please note I am running these APIs on server to generate sid for user and pass the sid to client). But it looks like this sid does not work on the client machine because of the IP address change.

the session (sid) is generated for the same IP, the IP shouldn't be dynamic or change

Here is what I want to achieve-
1. On our hosted server, generate sid or access_token for subuser.
2. Pass the link with sid/token (such as http://myserver.com/?sid=xxxxxxx) to customer so that customer can login just by clicking the link (without entering user/password).

Can you please suggest how I can achieve above?

After you generate a token for subuser you can send it to client side or you can Create authorization hash and send it to client side

Diana Cheley
Wialon Hosting Expert
Gurtam
16

Re: Discussion of new authorization method (oAuth)

Hi, I am developing a Windows application (C#) to access the data on Wialon hosting via remote API.
I'm implementing a login screen with the new authorization way mentioned here "http://sdk.wialon.com/wiki/en/sidebar/r … ogin/login".
I used the .NET Framework component "WebClient" to post data (sign, uid, pwd, etc.) to "http://hosting.wialon.com/oauth.html"
Here are my steps:
1. Access "http://hosting.wialon.com/login.html" then find the sign value from the response.
2. Post required data to "http://hosting.wialon.com/oauth.html"
3. Login with svc=token/login&params={...}

I was successful in creating a token, logging in with the token and getting the list of units, but I always received error code 7 - Access denied when I try to load the message with "svc=messages/load_interval".

I feel there is something wrong in a process of generate the token but cannot find the root of the problem.

Do you have any suggestion or sample C# application with Remote API ?

Mr.Teera Koedchan.
Developer, Mobile Innovation (Thailand) Company Limited
“We contribute to society by delivering SECURITY and SAFETY to customers”
17

Re: Discussion of new authorization method (oAuth)

teerak
Check the access type parameter you use when creating the token http://sdk.wialon.com/wiki/en/sidebar/r … cess_flags
Try to change it to -1 (full access)

18

Re: Discussion of new authorization method (oAuth)

shmi wrote:

teerak
Check the access type parameter you use when creating the token http://sdk.wialon.com/wiki/en/sidebar/r … cess_flags
Try to change it to -1 (full access)

Thank you very much, I succeeded in loading messages.

Additional question:
Sometimes I receive the error message "insecure or allowed time expired" when posting data to "http://hosting.wialon.com/oauth.html"
Here are the POST parameters.
client_id=WialonRemote+API&access_type=-1&activation_time=0&duration=2592000&flags=0&sign=xxxxx2LxRItzQKMpQ=&login=xxxx&passw=xxx&redirect_uri=http://hosting.wialon.com/login.html

Mr.Teera Koedchan.
Developer, Mobile Innovation (Thailand) Company Limited
“We contribute to society by delivering SECURITY and SAFETY to customers”
19

Re: Discussion of new authorization method (oAuth)

It is not allowed to make requests to oauth.html without using the authorization form. The request was not performed for security reasons.
Also, if you use the authorization form and get such an error message, it means that the form has expired (displayed too long without login) and needs to be refreshed.

Head of Wialon Local Department
Gurtam
20

(edited by teerak 18/09/2015 10:40:49)

Re: Discussion of new authorization method (oAuth)

Hi deal,
Could you please suggest how to implement it with windows application (application on PC) or smart phone application?

Mr.Teera Koedchan.
Developer, Mobile Innovation (Thailand) Company Limited
“We contribute to society by delivering SECURITY and SAFETY to customers”
21

(edited by deal 18/09/2015 11:20:07)

Re: Discussion of new authorization method (oAuth)

You can generate an infinite token using the authorization form (access_type -1, dur 0) and then use it in your app without regular direct access to the restricted oauth.html.

Head of Wialon Local Department
Gurtam
22

Re: Discussion of new authorization method (oAuth)

teerak wrote:

Could you please suggest how to implement it with windows application (application on PC) or smart phone application?

You should create a WebView or WebBrowser (I'm not an expert in C#) and open http://hosting.wialon.com/login.html in it so the user can enter login and password.
Next step - detect the redirect or URL change, parse it, check for errors and get the token.
Then you can store the token in your app and use it for authorization.

23

Re: Discussion of new authorization method (oAuth)

shmi wrote:
teerak wrote:

Could you please suggest how to implement it with windows application (application on PC) or smart phone application?

You should create a WebView or WebBrowser (I'm not an expert in C#) and open http://hosting.wialon.com/login.html in it so the user can enter login and password.
Next step - detect the redirect or URL change, parse it, check for errors and get the token.
Then you can store the token in your app and use it for authorization.

Thank you very much.

Mr.Teera Koedchan.
Developer, Mobile Innovation (Thailand) Company Limited
“We contribute to society by delivering SECURITY and SAFETY to customers”
24

Re: Discussion of new authorization method (oAuth)

shmi wrote:
teerak wrote:

Could you please suggest how to implement it with windows application (application on PC) or smart phone application?

You should create a WebView or WebBrowser (I'm not an expert in C#) and open http://hosting.wialon.com/login.html in it so the user can enter login and password.
Next step - detect the redirect or URL change, parse it, check for errors and get the token.
Then you can store the token in your app and use it for authorization.

In our Android application, the user (mostly an administrator, not an operator - reason: operator shouldn't know Wialon username and password) sets the Wialon user and password on first run of the application (in application settings) and then the application uses Remote API to work. With core/login we did it with no problem, but with Token I really don't know how we should do it. How should our app send username and password to get a token?!!!
Please help us in this case.

25

Re: Discussion of new authorization method (oAuth)

hhamedk
You should add a WebView with the authorization form (http://hosting.wialon.com/login.html) to your app, where the user can enter his name and password. After that, you should handle redirects (http://stackoverflow.com/questions/4066 … -a-browser), parse the token from the URL, and save it. Later you can use this token with method token/login like you use login & password with core/login method.
You can find some implementation examples on GitHub (for example https://github.com/wuman/android-oauth-client).

Mobile Development
Gurtam
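
The redirect handling described in the replies above, as an added Python example that is not part of the original thread or Gurtam's code. The `access_token` parameter name comes from the posts; `svc_error` as the failure parameter and the `https://app.example/cb` redirect target are assumptions.

```python
from urllib.parse import urlsplit, parse_qs


class AuthRedirectError(Exception):
    """The login form redirected back with an error or a malformed result."""


def token_from_redirect(url, expected_redirect):
    """Return the token if `url` is the final redirect, None if it is not.

    expected_redirect is the redirect_uri the app passed to login.html.
    Call this for every navigation event the web view reports.
    """
    got, want = urlsplit(url), urlsplit(expected_redirect)
    same_target = (got.scheme, got.netloc.lower(), got.path) == \
                  (want.scheme, want.netloc.lower(), want.path)
    if not same_target:
        # Any other page the web view visits (the form itself, another
        # host, a different path) is never trusted as a token source.
        return None

    fields = parse_qs(got.query, keep_blank_values=True)
    # Some OAuth-style flows return values in the fragment; read both.
    for key, values in parse_qs(got.fragment, keep_blank_values=True).items():
        fields.setdefault(key, []).extend(values)

    if "svc_error" in fields:  # assumed name of the error parameter
        raise AuthRedirectError(f"authorization failed: {fields['svc_error'][0]}")

    tokens = fields.get("access_token")
    if tokens is None:
        return None  # target page reached, but it carries no result yet
    if len(tokens) != 1 or not tokens[0]:
        # Duplicate or empty values point to a malformed or tampered URL.
        raise AuthRedirectError("unexpected access_token value")
    return tokens[0]


if __name__ == "__main__":
    # Constructed sample URLs; the token value is a placeholder.
    target = "https://app.example/cb"
    for seen in ("http://hosting.wialon.com/login.html?client_id=myapp",
                 target + "?access_token=PLACEHOLDER_TOKEN"):
        print(seen, "->", token_from_redirect(seen, target))
```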