We are running our own passbolt install and I’m trying to write small php script to call a API.
And for some reason I’m getting error during first phase after I send post to /auth/login.json with my key_id and field “server_verify_token” with encrypted nonce by server public key.
Based on passbolt documentation server should decode nonce and send me token to decode.
I am not sure if you already know but there is a detailed API documentation that takes you step by step through the authentication process. It lists all the possible responses and details about error codes.
Do not hesitate to get back if you still need help.
I read API documentation and i missed info that answer is sent in header. But a body sent as answer is confusing. What is coding of message you sent in a header?
EDIT: sorry I was confused by URL encoding and as I ddin’t decode it I couldn’t decrypt message.
Thanks
I got to point that I’m authenticated. So in next step I send request for resources and i got reply that I need to login to access it. Do I need to send anything special in get request?
As well I don’t see in response, after successful authentication, cookie csrfToken only CAKEPHP.
To make a GET type request as authenticated user, you’ve to send the cookies with your request. The cookie was sent to you in step 5 of authentication.
And for POST type request, you need to send the CSRF token with your request.