openHAB 3 API and HTTP binding - authentication

Further to another (solved) discussion I have taken my first travel down the road of openHAB 3’s API.

I’m trying to use the HTTP binding to read/set some openHAB regional settings, e.g. the language, from within mainUI.

To this end, I have created an Item settingLanguage, which is linked to a channel within a Thing created for the http binding:

UID: http:url:httpThing
label: httpThing
thingTypeUID: http:url
  ignoreSSLErrors: true
    - Authorization= Bearer
  baseURL: http://openhabian:8080/rest/services/org.openhab.i18n
  delay: 0
  stateMethod: GET
  refresh: 30
  commandMethod: PUT
  contentType: application/json
  timeout: 3000
  bufferSize: 2048
  - id: language
    channelTypeUID: http:string
    label: Language
    description: ""
      stateExtension: config
      stateTransformation: JSONPATH:$.language

This sort of works (for some time). My problem is I do not know, which authorization parameters to set in the Thing configuration, in order to access (my own) openHAB server via the API. I fumbled around with the Authentication Mode (Basic, Preemptive Basic and Digest) as well as Username/Password combinations as per suggestions in other topics. However, none of that worked. I have taken the shortcut to put in the Authentication= Bearer header which you can see in the code(disguised) and which is sniffed directly from the Network traffic. This works for a while, but then apparently this needs to be changed to another Header… so this isn’t a solution.

Can you point me in the direction of how to correctly set authentication and other headers for the HTTP binding in order to access my own openHAB server?

If it is the sniffed one it may expire e.g. in case you log out from the session you sniffed it from.
Did you try to set a token in the admin profile area ?
Login as admin. Click on the admin account name to see the profile. There it is possible to create a token

It says:

API Tokens

Create API tokens to give external tools and services which don’t support the OAuth2 Authorization Framework permanent access on your behalf.

That’s exactly what is happening.

Tried that … for some reason, it doesn’t let me generate the Token (“Please try again”) - I’m sure on user name and password credential, but not so sure on how to name the token and scope.

You can give the token any name. It is just a label.
scope doesn’t matter. I think that is not implemented yet.

This topic was automatically closed 41 days after the last reply. New replies are no longer allowed.