Hi,
As a beginner, I am facing a lot of difficulties in using pass bolt API. Do we have any complete guide on how to authenticate / login / see users list/update Password/use password and call all these from a remote server via API?
There seems to be a lack of documentation related to such simple stuff. It is alos good that we can get such scripts which help to achieve this.
Regards,
Hi @shakeeb91,
There are several examples on this forum for python, php and javascript.
Which language are you using?
I think Python is suitable. So what do you think is the process to use API to authenticate / get user / get password / update password from remote server to PASSBOLT server? all should be from command line
Basically I need to replace TEAMPASS with PASSBOLT.
You can find examples on how to do both in these projects:
See. https://github.com/liip/wrench
Or https://github.com/xwikisas/passbolt-api
Thanks for answering and sharing those links. But I really don’t want to install any package just simple use API links.
I want to achieve below:
So If I asked what should be the complete API command to first authenticate and if I run command to get/update/add credentials.
For example:
curl https://domain.passbolt/------- ?
Just for your understanding what i want to achieve is;
I have written an Ansible playbook which checks the inventory ( hosts ) and then update the password of all those host by checking it from TEAMPASS ( Now how to use the API of PASSBOLT to get a password and if there is no password then create that entry )
for example:
# Teampass, ask for a new password string
#
- name: teampass - generate new password
uri:
url: “{{ api_url }}/new_password/{{ password_length }}{{ api_suffix }}”
headers: “{{ default_headers }}”
return_content: yes
body_format: json
register: new_password
failed_when: “‘password’ not in new_password.json”
I think there should be very simple two-line of commands
@shakeeb91 what I was suggesting is for you to check how it is done in these library. For example passbolt use GpgAuth which is not trivial to implement, so you should check on how they have done it.
Same for the create/update, passbolt is end to end encrypted, so you need to encrypt the data prior to sending them, you don’t send them in clear to the server.
Authentication (it’s a challenge, so multi step process not a single POST):
https://help.passbolt.com/api/authentication
Get resource (metadata), get secret (encrypted content)
https://help.passbolt.com/api/resources/read
GET https://DOMAIN/resources/UUID.json?api-version=v2&contain[secret]=1
PUT https://DOMAIN/resources/UUID.json?api-version=v2
{"id":"cded0667-dc26-4350-a4e5-abd4c596046c","name":"name","username":"username","uri":"url","description":"description","secrets":[{"user_id":"d57c10f5-639d-5160-9c81-8a0c6c4ec856","data":"-----BEGIN PGP MESSAGE-----...-----END PGP MESSAGE-----\r\n"}]}