Вы не вошли. Пожалуйста, войдите или зарегистрируйтесь.
We've implemented new modern and more secure authorization method in Wialon.
Here we will answer all the questions about it and help you to overcome all implementation problems.
Blog article
Instructions file
Hi, I am trying to figure out how to implement new login details mentioned here
http://weblog.gurtam.com/wp-content/upl … -Authoriza
I am trying to follow below to create token
http://sdk.wialon.com/wiki/en/sidebar/r … oken/token
My api call looks like (in below example userid is replaced with 0s, app name is replaced with myapp )
http://hst-api.wialon.com/wialon/ajax.html?svc=token/update¶ms={"callMode":"create","userId":"0000000","h":"","app":"myapp","at":0,"dur":604800,"fl":256, "p":"","items":["":""],"deleteAll":""}
I receive error 4 and not really sure whats wrong with above input. I would really use some help, thanks
Hello.
Parameter "items" should contain array of item ids, for example [1234,568]
thanks, and what should I use as item id, my userid or ..?
Because I just tried with my userid and now I get Error 7, while I could succesfully create token using the standart login form(i.e. there is no reason to have my access denied..)
There is not enough info in docs - we'll add more details.
Parameter "userId" is optional. You can pass id of another user.
Then if you have access right Operate as (0x200000) to this user
you'll create/update/delete tokens of this user.
In your case don't sent userId.
As for "items" - you can pass there id of items you want your token had access to.
There is no need to pass id of current user. You can pass id of resources, units and so on.
Ok , thanks, but I am not sure about the resources ids I will need to monitor, these may vary within customer account.
This is my real life api url which still returns Error 7 while i can actually create token manually thru the simple form
Any other ideas what might be wrong with this token creation api url?
This request is for managing tokens after beeing authorized. In most cases you don't need this request.
To authorize to wialon in your app/site now you should use our oAuth form (http://hosting.wialon.com/login.html or http://your.dns.com/login.html).
Example on playground
But if you were successfully authorized by token and then you need to manage tokens of current or other users you have access to - you can use this request.
For example to create manually your new token - use request http://hst-api.wialon.com/wialon/ajax.html?svc=token/update¶ms={"callMode":"create","app":"mywialonapp1","at":0,"dur":604800,"fl":256,"p":"{}","items":[]}
I am also getting error when creating token for different userId using admin authorization. I have authorized the admin using oAuth, got the sid using loginToken. Now when I try to create token for subuser, I get error 7.
What I want is to create token on behalf of subuser and use the generated token to createSession as subuser.
Request:
http://hst-api.wialon.com/wialon/ajax.html?svc=token/update¶ms={"callMode":"create","userId":"xxxxxxx","app":"","at":0,"dur":604800,"fl":256,"p":"{}","items":[xxxxxxx]}&sid=xxxxxxxxxxx
Response:
{
"error": 7
}
Its unfortunate that documentation is very vague. Please suggest how to fix.
I am also getting error when creating token for different userId using admin authorization. I have authorized the admin using oAuth, got the sid using loginToken. Now when I try to create token for subuser, I get error 7.
What I want is to create token on behalf of subuser and use the generated token to createSession as subuser.
Request:
http://hst-api.wialon.com/wialon/ajax.html?svc=token/update¶ms={"callMode":"create","userId":"xxxxxxx","app":"","at":0,"dur":604800,"fl":256,"p":"{}","items":[xxxxxxx]}&sid=xxxxxxxxxxxResponse:
{
"error": 7
}Its unfortunate that documentation is very vague. Please suggest how to fix.
Please check that you were authorized by admin with full token access rigths : access_type = -1
Also you should have access right Operate as (0x200000) to this user to create/update/delete tokens of this user.
trakfamily пишет:I am also getting error when creating token for different userId using admin authorization. I have authorized the admin using oAuth, got the sid using loginToken. Now when I try to create token for subuser, I get error 7.
What I want is to create token on behalf of subuser and use the generated token to createSession as subuser.
Request:
http://hst-api.wialon.com/wialon/ajax.html?svc=token/update¶ms={"callMode":"create","userId":"xxxxxxx","app":"","at":0,"dur":604800,"fl":256,"p":"{}","items":[xxxxxxx]}&sid=xxxxxxxxxxxResponse:
{
"error": 7
}Its unfortunate that documentation is very vague. Please suggest how to fix.
Please check that you were authorized by admin with full token access rigths : access_type = -1
Also you should have access right Operate as (0x200000) to this user to create/update/delete tokens of this user.
Dear chdi,
Thank you for your response.
Question: Please check that you were authorized by admin with full token access rigths : access_type = -1
Answer: I am the creator of the user whose token I want to create. I am using the sid of the creator while calling token/update API above. Can you please suggest do I still need to set access_type = -1 and where I need to to set access_type = -1
Question: Also you should have access right Operate as (0x200000) to this user to create/update/delete tokens of this user.
Answer: I am the creator of the of the user, when I login into cmd.wialon.com and hosting.wialon.com using my login/password, I am able to do "Login as another user" the user so I presume I have all the right.
Awaiting your response, and please excuse if my questions are too basic but I am struggling to create token for my sub-user using API. Please help how can I debug the issue.
Answer: I am the creator of the user whose token I want to create. I am using the sid of the creator while calling token/update API above. Can you please suggest do I still need to set access_type = -1 and where I need to to set access_type = -1
If you authorized under user-creator through token , sure you should use the parameter access_type = -1 to get token
For example, http://hosting.wialon.com/login.html?cl … ion=604800
You can find the full parameters for Extend form here http://sdk.wialon.com/wiki/en/sidebar/r … ogin/login
Question: Also you should have access right Operate as (0x200000) to this user to create/update/delete tokens of this user.
Answer: I am the creator of the of the user, when I login into cmd.wialon.com and hosting.wialon.com using my login/password, I am able to do "Login as another user" the user so I presume I have all the right.Awaiting your response, and please excuse if my questions are too basic but I am struggling to create token for my sub-user using API. Please help how can I debug the issue.
Please also check is it a correct id of elements you set for "userID" and 'items"
trakfamily пишет:Answer: I am the creator of the user whose token I want to create. I am using the sid of the creator while calling token/update API above. Can you please suggest do I still need to set access_type = -1 and where I need to to set access_type = -1
If you authorized under user-creator through token , sure you should use the parameter access_type = -1 to get token
For example, http://hosting.wialon.com/login.html?cl … ion=604800
You can find the full parameters for Extend form here http://sdk.wialon.com/wiki/en/sidebar/r … ogin/loginQuestion: Also you should have access right Operate as (0x200000) to this user to create/update/delete tokens of this user.
Answer: I am the creator of the of the user, when I login into cmd.wialon.com and hosting.wialon.com using my login/password, I am able to do "Login as another user" the user so I presume I have all the right.Awaiting your response, and please excuse if my questions are too basic but I am struggling to create token for my sub-user using API. Please help how can I debug the issue.
Please also check is it a correct id of elements you set for "userID" and 'items"
Here are the steps that I performed-
1. To get the token for creator account, I used oauth URL- http://hosting.wialon.com/login.html?cl … ion=604800 and got the access_token for creator account.
2. Logged in with creator account using token/login remote API http://hst-api.wialon.com/wialon/ajax.html?svc=token/login¶ms={"token":xxxx}, got session id ("eid":xxx) in response.
3. Now to create token for subuser (i.e. of whom on I creator) I called following API-
http://hst-api.wialon.com/wialon/ajax.html?svc=token/update¶ms={"callMode":"create","userId":"12822687","app":"","at":0,"dur":604800,"fl":100,"p":"{}","items":["12822687"]}&sid=c066e3e906ffb24fda4ee72716f5eb5a
Where userId and items are the user id of subuser for whom I want to generate token, and sid is the session id (i.e. eid field in step2). But I am still getting Error 7 in response.
Question-1 What does "items" filed in token/update API mean, wialon documentation says "list of item ids with token granted access"? What should I pass to create token for subuser?
Question-2 Can you please suggest what am I doing wrong in above steps? Unfortunately there is no example for http://sdk.wialon.com/wiki/en/sidebar/r … ken/update API in wialon playground.
Questions-3 Has anyone used token/update API at all and found it working?
Dear trakfamily,
the steps are correct
add some name for parameter "app" - the application name should be defined to authorization
For example,
http://hst-api.wialon.com/wialon/ajax.html?svc=token/update¶ms={"callMode":"create","userId":"12822687","app":"myapp","at":0,"dur":604800,"fl":256,"p":"{}","items":[]}&sid=your_sid
Also set a correct flag : "f":0x100 in hex or "f":256 in decimal
In field "items" you can define a list of elements id (other users, units, resource ) for which this sub-user will have access rights according with this token
For example, "f":256 means Online tracking , so sub-user can have bacis acceess rights to "items"
Dear Chdi,
Fixing the "app" parameter did the trick, thank you so much.
Now I am able to generate access_token for subuser using token/update remote API. After getting the token, I am using token/logen remote API to generate "sid" for the subuser (Please note I am running these APIs on server to generate sid for user and pass the sid to client). But looks like this sid does not work on client machine because of IP address change.
Here is what I want to achieve-
1. On our hosted server, generate sid or access_token for subuser.
2. Pass the link with sid/token (such as http://myserver.com/?sid=xxxxxxx) to customer so that customer can login just by clicking the link(without entering user/password).
Can you please suggest how I can achieve above?
Dear Chdi,
Fixing the "app" parameter did the trick, thank you so much.Now I am able to generate access_token for subuser using token/update remote API. After getting the token, I am using token/logen remote API to generate "sid" for the subuser (Please note I am running these APIs on server to generate sid for user and pass the sid to client). But looks like this sid does not work on client machine because of IP address change.
the session (sid) is generated for the same IP, the IP shouldn't be dynamic or change
Here is what I want to achieve-
1. On our hosted server, generate sid or access_token for subuser.
2. Pass the link with sid/token (such as http://myserver.com/?sid=xxxxxxx) to customer so that customer can login just by clicking the link(without entering user/password).Can you please suggest how I can achieve above?
after you generate a token for subuser you can send it to client side or you can Create authorization hash and send it to client side
Hi, I am developing the windows application (C#) to access the data on Wialon hosting via remote API
I'm implementing login screen with the new authorization way mentioned here "http://sdk.wialon.com/wiki/en/sidebar/r … ogin/login".
I used .netFramework component "WebClient" to post data (sign, uid, pwd,etc) to "http://hosting.wialon.com/oauth.html"
Here is my step
1. access "http://hosting.wialon.com/login.html" then find sign value from the response.
2. post required data to "http://hosting.wialon.com/oauth.html"
3. Login with svc=token/login¶ms{...}
I was successful for creating token, logging in with token and getting the list of units, but I always received the error code 7 - Access denied when try to load the message with "svc=messages/load_interval".
I feel there is something wrong in a process of generate the token but cannot find the root of the problem.
Do you have any suggestion or sample C# application with Remote API ?
teerak
Check access type parameter you use when create token http://sdk.wialon.com/wiki/en/sidebar/r … cess_flags
Try to change it to -1 (full access)
teerak
Check access type parameter you use when create token http://sdk.wialon.com/wiki/en/sidebar/r … cess_flags
Try to change it to -1 (full access)
Thank you very much, I achieved for loading message.
Additional question
some time I receive the error message "insecure or allowed time expired" when post data to "http://hosting.wialon.com/oauth.html"
Here is a post parameter.
client_id=WialonRemote+API&access_type=-1&activation_time=0&duration=2592000&flags=0&sign=xxxxx2LxRItzQKMpQ=&login=xxxx&passw=xxx&redirect_uri=http://hosting.wialon.com/login.html
It is not allowed to make request to oauth.html without using authorization form. Request didn't perform due to security reasons.
Also if you use authorization form and got such error message - it means that the form was expired (displayed too long without login) and needs to be refreshed.
Hi deal,
Could you please suggest how to implement it with windows application (application on PC) or smart phone application?
You can generate infinite token using authorization form (access_type -1, dur 0) and then use it in your app without regular direct access to restricted oauth.html.
Could you please suggest how to implement it with windows application (application on PC) or smart phone application?
You should create WebView or WebBrowser (im not expert in C#) and open http://hosting.wialon.com/login.html in it so user can enter login and password.
Next step - detect redirect or url change, parse it, check for errors and get token
Then you can store token in your app and use it for authorization
teerak пишет:Could you please suggest how to implement it with windows application (application on PC) or smart phone application?
You should create WebView or WebBrowser (im not expert in C#) and open http://hosting.wialon.com/login.html in it so user can enter login and password.
Next step - detect redirect or url change, parse it, check for errors and get token
Then you can store token in your app and use it for authorization
Thank you very much.
teerak пишет:Could you please suggest how to implement it with windows application (application on PC) or smart phone application?
You should create WebView or WebBrowser (im not expert in C#) and open http://hosting.wialon.com/login.html in it so user can enter login and password.
Next step - detect redirect or url change, parse it, check for errors and get token
Then you can store token in your app and use it for authorization
In our Android application, User (mostly an administrator, not an operator - reason: operator shouldn't know Wialon username and password) set Wialon User and Password in first run of application (in application setting) and then application use Remote API to work. With core/login we did it without no problem, but with Token i really don't know how should do it. How should our app send username and password to give token?!!!
Please help us in this case.
hhamedk
You should add WebView with the authorization form (http://hosting.wialon.com/login.html) to your app, where user can enter his name and password. After, you should handle redirects (http://stackoverflow.com/questions/4066 … -a-browser), and parse token from url, and save it. Later you can use this token with method token/login like you use login&password with core/login method.
You can find some implementation examples on GitHub(for example https://github.com/wuman/android-oauth-client).
Our problem is that we can't use WebView as i mentioned. Because username and password should set by Administrator not user or operator and also username and password sent from our server side in a encrypted file, application use file, read username and password, store them and use them for future login. So, should forgot WebView completely. But thanks.
Any other idea?
hhamedk If you have a session on your server side, you can create tokens by calling token/update method with callMode=create. After you can send them to your application and use them for future login.
We finally found a way. I call http://hosting.wialon.com/login.html and get response, then i extract sign from this response, then i set parameters and send for http://hosting.wialon.com/oauth.html, in response I get html string that contains "authorization success" . But i can't get token from response, i should get token from new url that android can't get it (or i don't know how). How can I get token in response?
This is wrong way. You shouldn't extract sign parameter and execute /oauth.html request by yourself. It is restricted and if it works now - you can't be sure that it will work tommorow. In your sites/apps you should use authorization form to generate token. If there is problem to show form in some app - you can generate infinite token (duration 0) with full access (access_type -1) and use it insted of login and password. Using this token you can authorize and do everything including generation of new tokens for subusers.
Is there a possibility to create a Token from CMS or Monitoring panel?
I have two question:
1. If we create a infinite Token is it possible to use it in our application as you mentioned? does Token work with any IP? Our application will install on an android smart phone and IP address will change time to time.
2. You developed new authentication way to increase security level. Don't you think creating a infinite Token has lower security level than even old authentication?
There is no such interface in CMS or Monitoring. You can only view or remove tokens in user's menu -> Manage Applications.
But you can generate such token using authorization form with such request:
http://hosting.wialon.com/login.html?cl … mp;flags=6
1. You can use generated token in any your apps on any IP.
2. We don't think so. Even infinite token can be removed anytime by owner.
New authorization method is much better and safer than old one.
We'll continue to make it better.
Hello,
We're trying to add the new OAuth autorization in your custom application who is running in background on our server, but we're have a bug and need you help on this issue.
For our application who is running in background on our server.
How we need to use the authorization method in background on our server ?
What is the code to use in background on our server ?
How we can have a warranty that we have obtain a token and our service continue to work in background ?
In your sites/apps you should use authorization form to generate token. (You can show it using WebView component or equivalent one)
If there is problem to show our form in some app - you can generate infinite token (duration 0) with full access (access_type -1) and use it insted of login and password.
Using this token you can authorize and get sid. And then your app can execute request using this sid.
You can refer to docs at http://sdk.wialon.com/wiki/ru/sidebar/r … ogin/login
and examples at http://sdk.wialon.com/playground/ (last 3 examples)
For our application who is running in background on our server.
Usually background services with deprecated core/login works in following way:
If you app work as writen, here's steps how to use new OAuth autorization:
We have several projects that uses this logic, everything works fine. Please ask if need some clarification.
Hi,
Do you have a sample of code in C# who use this logic to validate if the token has expired ?
Thanks
Regards
Do you have a sample of code in C# who use this logic to validate if the token has expired ?
Sorry, we dont use C#.
But logic is pretty easy: you have to check if 'error' key exists in token/login request. Here's pseudo code (just sample, not a real program)
// constants
url = "http://hst-api.wialon.com/wialon/ajax.html";
token = "79c8a862473fef040c011e5d40a36e3a4DA1F0E9ABF237D20E89AA7BAA4480FCBBA92915";
// RemoteApi request
request = Request(url + "?svc=token/login¶ms={token:'" + token + "'}");
// exec token/login and get response
response = request.send();
// parse response json
response = Json.parse(response);
// check "error" key exists
if (response.hasKey("error")) {
if (response.getValue("error") == 7 || response.getValue("error") == 8) {
// invalid token
return
} else {
// other login error, try to login again
}
} else {
// token is valid
}I use C# and I use the everlasting tokens option with below code to check and delete if too many tokens are created . Hope this helps
List<tokens> tokenslist = ser1.Deserialize<List<tokens>>((new WebClient()).DownloadString(urlCheckTokenCount));
if (tokenslist.Count > 900)//max allowed number of tokens per user is 1000, I use to delete them if they exceed 900;
{//will delete only tokens under this app name and this user
for (int i = 0; i < 900; i++)
{
string currenttokenappname = tokenslist[i].app;
if (string.Compare(currenttokenappname, appname) == 0)
{
string currenttoken = tokenslist[i].h;
if (string.Compare(currenttoken, token) != 0)//skip current token , delete all the rest,
{
string urlDeleteToken = wialonurlfix + "ajax.html?svc=token/update¶ms=" +
"{\"callMode\":\"delete\",\"userId\":\"" + userid + "\",\"h\":\"" + currenttoken + "\",\"app\":\"" + appname + "\",\"at\":0,\"dur\":0,\"fl\":256,\"p\":\"{}\",\"items\":[],\"deleteAll\":\"\"}";
string tokendel = (new WebClient()).DownloadString(urlDeleteToken);
}
}
}
}
Hi Everybody.
We are having problems with JAVA API loggin.
Anyone could help me to login again using the new way (not with JavaScript)
This is the code we are using:
private void login()
{
session.initSession("https://hst-api.wialon.com"); //http://kit-api.wialon.com http://hst-api.wialon.com http://track.folgen.mx "https://hst-api.wialon.com"
System.out.println("Inicio");
session.login("","", new ResponseHandler() {
@Override
public void onSuccess(String response) {
super.onSuccess(response);
System.out.println(String.format("El usuario es: %s", session.getCurrUser().getName()));
//JOptionPane.showMessageDialog(null,"Conectado");
searchGroups();
}
@Override
public void onFailure(int errorCode, Throwable throwableError) {
super.onFailure(errorCode, throwableError);
System.out.println(Errors.getErrorText(errorCode));
//logout();
//JOptionPane.showMessageDialog(null,"Error");
}
});
}
Desarrollo, please update your Java SDK to the latest version from GitHub and use
Session.loginToken()method instead of
Session.login()Hello Kopa!
I'm using the wialon-sdk- 1.2.39.jar, do you have the lastest version? or how can to update this code?
Hi Everybody!!
Somebody knows if the jar file to JAVA API will be liberate with the most recently update ? i use the wialon-sdk-1.2.39.jar
Hi Everybody!!
Somebody knows if the jar file to JAVA API will be liberate with the most recently update ? i use the wialon-sdk-1.2.39.jar
there is the last version on GitHub
try to apply method as recommended above
Desarrollo
Yes, please download latest version from attachments. We'll update this at sdk.wialon.com as soon as possible.
wialon-sdk-1.3.57.jar 147.1 Кб, файл был скачан 378 раз(а)
Hi Kopa!!
Thank you so much for provide the jar file.
Approximately when will have the updated documentation? We need to delivery these days and require this documentation, or if we can provide the new way to authenticate would be helpful. I'm develop by the code simple in http://sdk.wialon.com/wiki/en/sidebar/j … les/search
I hope your comments.
Thanks in advance.
Desarrollo
Wialon Java SDK and examples updated at sdk.wialon.com, please see updated example which use loginToken method.
Thank you Kopa!!
I have a questión, token parameter will be static? , not exist method to generate token?, ¿Where i have to generate this token? i paste the code
session.loginToken("2fe8024e0ab91aa6c8ed82717b71bddcECDC362358DF7D90986F5173D405CD0D42DE7B38", new ResponseHandler() {....
I hope your comments!
Thanks!
If you want to use static token, please see post#36
...
Generate token - only once
To get token you can use playground sample or directly this form. Please check that access_type grant enough rights (use access_type=-1 to grant full rights) and duration=0 (infinite token, the only restriction - use it for login minimum once per 100 days).
...
Otherwise you should use authorization form in your application to generate token, please see post #1
Hi,
We are trying to integrate the new authorization in our phonegap application using javascript but we are not able to get it through. Window event message is not getting called.
Please let us know option to integrate new authorization in phonegap.
thanks in advance.
regards,
vinod
We don't use phonegap in our development. That's why we can't be very helpfull to you in phonegap specific details.
Please refer to our playground examples about tokens http://sdk.wialon.com/playground.
Also this page http://phonegap-tips.com/articles/googl … owser.html can be helpfull to You.
thanks for information. Another question i have :
How to change the wialon hosting image on login page when calling login.html page from javascript.
thanks & regards,
Vinod Porwal.
vinod.porwal, logo image for login.html or login_simple.html is taken from site's skin (personal design).
You can ask your personal manager about it.
Hi,
I am first time Wialon user, so please bear with me for some basic questions.
I am developing a simple android app.
The app is going to run a background job/service. The background job post the location details details to Wialon. The app does not have UI to use wialon login.html
I would like to know the step by step API sequence to token,authorize, login, create the device in Wialon and update the latest location against the device. In the Wialon documentation the new way to authorize is first returning me a html page with sign when i use the below sample url: http://hosting.wialon.com/login.html?cl … ion=604800
As i do not have a UI in my app, i would like to avoid or ignore the html.
Step 1:
Can anyone help how to perform the token,authorize, login?
Step 2:
Help with using a Wialon item or Unit, i am not sure about the difference and i am noure if i need to use them. As per my requirement, i need to post the device id, location and when there is a location update i need to send and update the location against the device.
Kindly help me out here. Thanks in Advance.
Thank you,
Jagan
Hi,
I am first time Wialon user, so please bear with me for some basic questions.
I am developing a simple android app.
The app is going to run a background job/service. The background job post the location details details to Wialon. The app does not have UI to use wialon login.html
I would like to know the step by step API sequence to token,authorize, login, create the device in Wialon and update the latest location against the device. In the Wialon documentation the new way to authorize is first returning me a html page with sign when i use the below sample url: http://hosting.wialon.com/login.html?cl … ion=604800
As i do not have a UI in my app, i would like to avoid or ignore the html.
Step 1:
Can anyone help how to perform the token,authorize, login?
Step 2:
Help with using a Wialon item or Unit, i am not sure about the difference and i am noure if i need to use them. As per my requirement, i need to post the device id, location and when there is a location update i need to send and update the location against the device.
Kindly help me out here. Thanks in Advance.
Thank you,
Jagan
Hello, jaganls.
If You can't use our oAuth form in Your app - you can authorize to Wialon using previously created infinite token with request http://sdk.wialon.com/wiki/en/sidebar/r … ples/login
You can create such token for Your user manually by using our oAuth form:
http://hosting.wialon.com/login.html?client_id=wialon&access_type=-1&activation_time=0&duration=0where in client_id You can pass app name,
access_type -1 means full access,
activation_time 0 means token will be active at once,
duration 0 - means infinite token, it will exist forever, but it will be deleted after 100 days of inactivity (no logins).
Then as a result of successful authorization You can copy Your token from browsers query string: parameter access_token.
Now You can use this token in Your app:
https://hst-api.wialon.com/wialon/ajax.html?svc=token/login&
params={
"token":"<your_token>"
}As a result of this request You'll get json with parameter "eid". This is session id (sid) which You should pass to all further requests.
Some info about Wialon items. Item is common name for several classes (user, resource, unit, group, route, retranslator).
You need to use Unit - it's device (tracker, mobile).
More details about sending device's location in next post.
Hi,
Thank you for the reply. I was able to successfully authorize, login, create unit and search items.
Now my requirement is update location every 5 minutes to the specific unit, can you help with a sample request to keep posting the location update to the unit?
Thank you in Advance.
Thank you,
Jagan
jaganls, now You can send data messages with coordinates to Wialon Unit.
You can do it using Wialon IPS protocol (recommended) http://gurtam.com/en/gps_tracking/gps_h … ?id=96266.
Here You can find emulator and sources https://github.com/xHasKx/WialonIPSEmulator/wiki.
Another way - You can periodically execute import messages request (with file) http://sdk.wialon.com/wiki/en/sidebar/r … _messages.
More info about import/export in Wialon http://docs.wialon.com/en/hosting/user/msg/port.
By the way this forum thread is for discussion of new authorization method only.
Dear partners
We are developing new Wialon based application. is it possible to use remote API "New Authorization" in localhost or we have to use it on server?
since when we work on localhost after post the New Authorization the response redirect us to oauth.html that is not contained in our localhost!!
Please guide us in this case.
Dear Support Team
Regarding our new application is it possible to put it on your servers? We need PHP, MySQL and Apach web server? We are no familiar to such things that if your partners put their applications on your servers or user their own server and only use remote API to communication with Wialon.
Our application has it's own DB for some functions that doesn't exist in Wialon and uses Wialon where there is a elememnt in Wialon we can use it via remote API.
Another question:
As each user has it's own Access, Why we should define Token Flag again? if we request for eaxmple -1 Token Flag or an user that don't have such access what will happen? i mean which is in higher level, User access right or Token Flag? is it possible to request a Token with more Flags thatn user access rights?
hhamedk, Hello.
1. To answer the first question we need more details. Do You use Wialon Hosting or Wialon Local? How did You organized application and access to Wialon? Concerning localhost - it is recommended to use remote server.
2. We don't provide web hosting for clients' apps for now. May be in future. But only with strong validation.
3. About token access rights. You can generate token with limited access, for example to pass to third parties. As for users' access rights and tokens' access rights - they work as intersection.It means that if user has higher level of access and token has lower - lower access rights will work. If token has higher access level and token lower - still lower access rights will work.
Dear Deal
We are using WH
Would you please explain that how we should integrate our app with Wialon? for example we want to add our application in apps menu in monitoring panel, where we should host it? how we should link it to Wialon? Please explain these questions and explain the procedure.
My another question is that we want to check the list of access rights templates for example in user properties by Remote API, but we couldn't find the command for this case. Please explain how should we do it.
hhamedk, here is documentation about adding apps to Wialon http://docs.wialon.com/en/hosting/cms/apps/apps.
If something in docs is unclear - ask questions, we'll help.
As for Your second question It isn't quite clear what You want to do. Try to explain more detailed. Are You talking about access rights templates in items dialog http://docs.wialon.com/en/hosting/cms/rights/dialog?
By the way this forum thread is for new authorization method discussion. It is recommended to ask another questions in appropriate threads or create new ones.
Dear support team
thanks for your suggestions. Is there any option for us to apply codes first in localhost for test purposes and then Wialon Server? as you wrote on your forum and weblog Auth method the only access right to methods is to apply codes only with a form located in wialon server. If no, please explain how we should put our form to your server?
hhamedk, look at this example http://sdk.wialon.com/playground/demo/app_auth_token and try to do smth like this.
As for testing in local network - You can but You should write http://localhost instead of localhost in redirect_uri param.
hhamedk, look at this example http://sdk.wialon.com/playground/demo/app_auth_token and try to do smth like this.
As for testing in local network - You can but You should write http://localhost instead of localhost in redirect_uri param.
Dear deal
We are working on PHP, the code we use is as below:
<?php
// Define URL where the form resides
$form_url = "http://hosting.wialon.com/login.html";
// This is the data to POST to the form. The KEY of the array is the name of the field. The value is the value posted.
$data_to_post = array();
$data_to_post['client_id'] = "Mission Management";
$data_to_post['access_type '] = "-1";
$data_to_post['activation_time'] = "0";
$data_to_post['duration'] = "2592000";
$data_to_post['lang'] = "en";
$data_to_post['flags'] = "0";
$data_to_post['user'] = 'ss-developers';
$data_to_post['redirect_uri'] = 'http://localhost/mm/main.php';
$data_to_post['response_type'] = 'token';
$data_to_post['css_url'] = 'http://localhost/mm/style.css';
// Initialize cURL
$curl = curl_init();
// Set the options
curl_setopt($curl,CURLOPT_URL, $form_url);
// This sets the number of fields to post
curl_setopt($curl,CURLOPT_POST, sizeof($data_to_post));
// This is the fields to post in the form of an array.
curl_setopt($curl,CURLOPT_POSTFIELDS, $data_to_post);
//execute the post
$result = curl_exec($curl);
//print_r ($result);
//close the connection
curl_close($curl);
?>we run this code on local host, the result is as attached screenshot "login.jpg" and after entering the username and password the result is as "error.jpg" attachment.
Please guide us, explain what's wrong.
hhamedk, You use our oauth form in wrong way - it won't work.
Тry to show form in separate window, like here http://sdk.wialon.com/playground/demo/app_auth_token
or in iframe, like here http://sdk.wialon.com/playground/uQRYKW7y/4
Hi everyone
We are working on WL regarding our project. i want to know is it possible to change login (login.html) page in our WL server?
We need to design another login page we think as we are using WL (not WH) it may possible.
My another question is about access types under authentication. We could use Geofence Image command (http://sdk.wialon.com/wiki/en/sidebar/r … zone_image) in API with a token of 0x400 access type but now we receive "error 7" response. Is there any change in access types of system?
Hi everyone
We are working on WL regarding our project. i want to know is it possible to change login (login.html) page in our WL server?
We need to design another login page we think as we are using WL (not WH) it may possible.
sorry, in this topic just the authorization is discussed, if it's about white-labeling opportunities please contact your regional manager directly.
thanks.
Hi everyone
My another question is about access types under authentication. We could use Geofence Image command (http://sdk.wialon.com/wiki/en/sidebar/r … zone_image) in API with a token of 0x400 access type but now we receive "error 7" response. Is there any change in access types of system?
There were no changes in access types. This request should work. Make sure your user has enough access rights to resource with geofence.
I'm trying to create a new notification and I'm getting access denied(erro 7) error.
Url used to create token:
http://hosting.wialon.com/login.html?client_id=App&access_type=-1&activation_time=0&duration=604800instead of -1 as access type I tried 0x800- modification of sensitive data too.
Call used to create sid(eid) from the above result:
https://hst-api.wialon.com/wialon/ajax.html?svc=token/login¶ms={ "token":TOKEN}With the above sid, call used to create notification:
https://hst-api.wialon.com/wialon/ajax.html?svc=resource/update_notification¶ms={"itemId":13935212, "id":0, "callMode":create, "n":name1, "txt":dect1, "ta":2016-02-10, "td":2016-02-14, "ma":0, "mmtd":2, "cdt":2, "mast":2, "mpst":2, "cp":2, "fl":0x1, "tz":0, "la":EN}&sid=SIDI tried to get the account information with the below call and same error.
https://hst-api.wialon.com/wialon/ajax.html?svc=account/get_account_data¶ms={"itemId":USERID,"type":1}&sid=SIDAny idea what I'm missing?
davis.tom, itemId 13935212 - is Your user id?
To create notification You should pass there Your resource id.
The same for get_account_data request.
davis.tom, itemId 13935212 - is Your user id?
To create notification You should pass there Your resource id.
The same for get_account_data request.
Edit:
Thanks. Resource Id is "bact" parameter in svc=token/login call right? My value for "bact" is "13935213". I tried with it an now error 7 is gone. Got result for get_account_data call.
But now the error for resource/update_notification is error 4 with "bact" = "13935213". It looks like an issue unrelated to authorization. Will start a new thread and ask.
URGENT ! OAuth error ?
Yesterday morning at around 10:35 am (Eastern Time), all our data acquisitions using the Wialon REST API stopped working.
It seems to be a problem with OAuth.
Calling the login method, passing one by one all the permanent tokens we had, returned the error code '4'.
I regenerated new permanent tokens for my users via this url: http://hosting.wialon.com/login.html?sv … vc_error=7
Yet, my calls to the login method of the REST API keep on failing with the error code '4'.
By the way, I did verify that application tokens do appear on the Wialon console, so that's why I think there was an update or something your side which broke the way OAuth was working.
Can you please help me to solve this ?
Our customers are no longer receiving their data since yesterday morning.
Thanks
NTS, do you still have problems with invalid tokens? For more details You can provide user name and invalid token example (private message).
Hi everyone
May you explain css_url parameters under new authorization method in both advanced and simplified modes?
Please explain below parameters under simplified mode as well (i can't understand them in doc, please give me an example of usage):
1. cms_url
2. lite_url
3. mobile_url
4. title
5. demo_url
Hello, hhamedk.
Optional parameter css_url is for custom styling of simple and advances login forms (if You need to change colors, fonts, sizes etc). You can pass an url to externally hosted css file into this paramter.
As for other extra parameters (cms_url, lite_url, mobile_url, title, demo_url) see example here:
https://sdk.wialon.com/playground/demo/ … imple_form
With the help of cms_url (and cms_title - CMS Manager), lite_url (and lite_title - Wialon Lite), mobile_url (and mobile_title - Wialon Mobile) You can specify additional Wialon sites to be shown as links after login. You can login to these sites with one click - newly generated token will be used.
By default only one link to Monitoring site will be shown after login, and with the help of title parameter You can specify the name of this site.
If demo_url and demo_title parameters are passed - additional link is shown at the bottom of simple login form. This link gives ability for user to examine some site (e.g. Wialon Hosting) without entering any login and password. Format of demo_url should be like this: http://hosting.wialon.com/?token=<token> .
Thanks for the detailed instruction.
What I can add here is that you need to set the proper flags to authorize the session ID to do as intended.
-1 is unlimited and good for beta testing, be careful when using this in production.
Hi, can anyone help , from where to get the resource ids? to pass in create/update/delete token function.
farith, hello. When you create token and skip or leave empty "items" parameter - token will have access to all items (including resources) that current user has. If you need to grant access to only specific items - you can initially execute core/search_items request with "itemsType" set to "avl_resource" and "flags" set to 1. As a result you'll get list of resources and then you can pass their ids to token/update request into "items" parameter.
hello,
i have some problem to get the token id with the new authorization ways, always failed less than 15 minute. so the monitoringscript to get the data stop also.
currently, re-login form to get the new token, but its wasting time
let me know, who was same the problem and solution. thanks
ohiya, i use wialon local 1704
Error 7 on searching item by ID
I have used below command after getting eid
https://hst-api.wialon.com/wialon/ajax. … b24aa7xxxx
But i am getting error 7
I have cretaed token with -1 flags
Not sure why my acees is denied
Can you please help?
siju, hello. May be you are trying to search for item that doesn't belong to you or you doesn't access to.
You can write pm with item id and your username to check this.
Interesting, very interesting ( Gurtam wants me to reply to 3 topics before creating one... )
Stuff... (I just need to reply to 3 different topics before being allowed to create one myself.)
Hello dear developers,
I have several wialon accounts and I would like you to help me get an API key and then get GPS data in JSON format. Until now the support is not able to give me a satifaisante answer.
Thank you for wanting to help me.
Hi. We can successfully get a token when we visit https://hosting.wialon.com/login.html using a browser. However we would like to do so programatically.
I tried doing so using Postman and calling this URL:
https://hosting.wialon.com/login.html?l … p;app=Clue
and then passing the Password in Body using x-www-form-urlencoded, as key Password or password or passw, however none of these worked.
Is there a way to pass the password in the request, so that Wialon returns the token?
If you can please send a screenshot of a working implementation in Postman or a Postman collection that would be superb, otherwise any help here would be appreciated too.
Thanks.