-
Notifications
You must be signed in to change notification settings - Fork 29
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Request] Client Credentials support #95
Comments
Hi there! The first link you provided - Classic API Authentication Changes - is implemented and handled under the hood: when you use I have only done preliminary work on the newer "Client Credentials" stuff, but have had other projects taking priority over that work :-/ If you'd like to test what I have so far, I just published my
Grab them from that branch and replace them in your locallly-installed gem. To use the changes in there, make a new connection using an API client, like this:
Then use ruby-jss as normal. In my early testing in IRB, it seems to be working, but the testing has been very limited. Please let me know how it goes for you! Thanks, |
This change has been rolled in to v4.0.0b1, which is now available on rubygems.org - Let me know if you have any issues to report! I probably won't be able to release it until late Jan. since I'll be away for much of mid Jan. and don't want to release a new version just before leaving. |
Chris thanks a lot. I've just tested it, and oauth with client credentials works, but for a very short time. In about a minute or less, it fails with |
Hmmm I know that API Clients have very short lifespans, usually 30seconds to a few minutes. I just set my test client to an hour (3600 seconds) and then did this in IRB:
Its now been over 10 minutes since I created the connection and its still functional:
I'll check every few minutes, and I expect it to stay valid until the expiration time in about 50 minutes. Can you give me any more details about how you're making the connection? Cheers, PS: Changes made to the client in the Jamf Web interface will not affect any existing connection tokens, only newly created ones via |
Hi @nekrich ! Just checking in - are you still having problems with this? I've been unable to reproduce what you descibed in your last message. Cheers! |
Hi.
In the v10.49.0 API, JAMF introduced the Classic API Authentication Changes a new authentication method with Client Credentials.
I looked into your implementation and didn't find any support.
I thought it would be easy, but the current
JAMF::Connection::Token
implementation with user/pw support and time/secs to refresh looks impossible to adapt easily, especially for me without wast knowledge of Ruby and first look into your great repo 😅.I have two questions:
Jamf.cnx
? Yes, it's a token with a short lifespan, but I don't need it to live for a long time.Thanks.
The text was updated successfully, but these errors were encountered: