Authentication Failure

Dany · November 4, 2020, 2:13pm

Hello,

I’m trying to integrate an application with passbolt to manage passwords. I’m not 100% comfortable with all the encryption and I read the help documentation on the API and few post here and source code in Python.

Basically, I tried to reproduce the very first step with cURL and my request is this:
curl --insecure --noproxy “*” --header “Content-Type: application/json” --request POST --data ‘{“gpg_auth”: {“keyid”: “CFE203C74A423D627ABFC2B8EC52DF2411752689”}}’ https://my-passbolt.myhome.ca/auth/login.json

and I receive the following answer:
{“header”:{“id”:“70c16303-bb36-4bcc-a6d1-0793c3bc9fbe”,“status”:“error”,“servertime”:1604498092,“title”:“app_auth_loginPost_success”,“action”:“a3c19ad2-8920-5395-86d0-8567cb34f382”,“message”:“The authentication failed.”,“url”:"/auth/login.json",“code”:200},“body”:null}(passbolt)

The keyid is correct as it is the same as my username, I tried another one and I had “The authentication failed. There is no user associated with this key. User not found.” I know that I’m sending the right information but something is missing.

Can someone help me with that?

Regards,

Dany

cedric · November 5, 2020, 8:11am

Hello @Dany,

Did you have a look at the examples using curl written in PHP?

Dany · November 5, 2020, 7:07pm

I started to look at this.

It did not work but I think it is a setup of my workstation. I will take the time to analyze it. Thanks for the input.

Dany · November 6, 2020, 4:47pm

I finally got it.
I had to work with this library: https://github.com/xwikisas/passbolt-toolbox and I had to add a variable self._user_passphrase in GPGAuthSessionWrapper because without the passphrase it was impossible to decrypt the information sent by the server.

So now I can work the next step.