Forums Archived

This forum has been archived. No new posts can be made and no new users can sign up. It remains here for reference only.

Find the new forums here

  • Cannot make API work - getting permission errors. Any examples? Any documentation?

Cannot make API work - getting permission errors. Any examples? Any documentation?

  • 868 Views
  • Last Post 22 September 2020
damago1 posted this 20 September 2020

Hello, I am trying to use API and it is not working. First I am making Api call to LOGIN and it seems that I am getting some success. I am getting answer:

{"success":true,"permissions":["ADS.*","Instances.*","Settings.*","FileManager.*","LocalFileBackup.*","Core.*"],"sessionID":"9483eb88-fb6a-41c0-8dce-6ec17776fba4","rememberMeToken":"932ad6fd-d541-4718-93e3-651d458f610e","userInfo":{"ID":"b2fc3445-db2f-4f54-a6f4-54167ed789ef","Username":"zabbix","IsTwoFactorEnabled":false,"Disabled":false,"LastLogin":"\/Date(1600622697338)\/","GravatarHash":"5fcd1b3e34b52fffef0037ce08c7cd66"},"result":10}

But when I want to make any other call, for instance to GetLocalInstances I get the following reply:

{"Error":true,"Title":"Unauthorized Access","Message":"You do not have permission to use this method (WebMethods.GetAMPUsersSummary) at this time. This method requires the Session.Exists permission.","StackTrace":"\n  at GSMyAdmin.WebServer.WebAttributes.InvokeMethod (String MethodName, Newtonsoft.Json.Linq.JObject Data, m.Http.IHttpRequest request, ModuleShared.IWebSession Session, ModuleShared.WebMethodsBase MethodsClass, String RawRequest) \n  at GSMyAdmin.WebServer.APIService.InvokeAPI (m.Http.IHttpRequest request, ModuleShared.IWebSession Session, Newtonsoft.Json.Linq.JObject Data, String RequestModule, String RequestMethod, String RawRequest) "}

To the second call I am passing the whole answer from the first call. Herre is my call (bash script):

RESPONSE=$( curl \
        --header "Accept: application/json" \
        --request POST \
        --data "$TOKEN" \
        http://minecraft.mydomain.pl.:8080/API/Core/GetAMPUsersSummary )

The $TOKEN is replaced by the response from the first 'login' call, which is in fact almost identical, only theurl is different and json is taken from article on using the API. In audit logs I do see that the user zabbix is correctly logged in. User zabbix is added to super-admins group so it should have ALL permissions. the API documentation is very poor. Only a short article without any examples. The description of the keys is not helping either (only key name and very very short listing of available parameters without even one sentence what it does.

amp script monitoring api zabbix
Order By: Standard | Newest | Votes
Mike posted this 20 September 2020

Are you feeding back the login token you get given with subsequent requests?

I'd also recommend using one of the official APIs if possible, such as the NodeJS library found here: https://github.com/CubeCoders/ampapi-node

damago1 posted this 21 September 2020

Yes. As a $TOKEN I am passing either the whole response from first call:

{"success":true,"permissions":["ADS.*","Instances.*","Settings.*","FileManager.*","LocalFileBackup.*","Core.*"],"sessionID":"9483eb88-fb6a-41c0-8dce-6ec17776fba4","rememberMeToken":"932ad6fd-d541-4718-93e3-651d458f610e","userInfo":{"ID":"b2fc3445-db2f-4f54-a6f4-54167ed789ef","Username":"zabbix","IsTwoFactorEnabled":false,"Disabled":false,"LastLogin":"\/Date(1600622697338)\/","GravatarHash":"5fcd1b3e34b52fffef0037ce08c7cd66"},"result":10}

or only the: 

{"sessionID":"9483eb88-fb6a-41c0-8dce-6ec17776fba4"}

None of those works.

Mike posted this 21 September 2020

Look at the documentation on the front page of the API endpoint. It tells you what data you need to send back with an example.

damago1 posted this 22 September 2020

Ok. Managed to make it work. For anybody who will encounter the same problem:

the SESSIONID has to be in CAPITAL LETTERS despite being returned in mixed case from login call. So the correct format to be sent to subsequent commands is: 

{SESSIONID:"9455eb88-fb6a-41F0-8dce-6ec1FF6fba4"}

I have some more questions:

  • how to obtain information if minecraft instance is sleeping? In ADSModule/GetInstanceStatuses or ADSModule/GetInstances there is a field Running but it is always true (both when minecraft is sleeping and when it is awaken. There is also field AppStatus but it is always -1 also there is Core/GetStatus which has "Active Users" field but it's RawValue is always 0, and percent is very huge negative numer.

  • how to obtain minecraft users count (active logged in users count) or list for minecraft instances? There is a call Core/GetUserList but it is always returning empty list despite people being logged into minecraft instances.

My goal is to monitor AMP Minecraft servers with zabbix and I need basic diagnostic info like which instances are not sleeping, how many users are currently active on the server and if possible get periodically active minecraft users list.

damago1 posted this 22 September 2020

Ok. I found it too:

The documentation is VERY confusing in this respect.

  1. you have to connect to the exact instance you want to check users in. So give port number of specific application when logging in or making API calls. You cannot use the port number or Instance Manager.

  2. you can use the API CALL:

Core/GetUserList - this returns simply a list of users

or

Core/GetStatus - here you will have inside information on the users too, in the form of a number :

example output:

{"State":50,"Uptime":"0:00:00:00","Metrics":{
 "CPU Usage":{"RawValue":0,"MaxValue":100,"Percent":0,"Units":"%","Color":"#EDC240","Color2":"","Color3":"#000"}, 
"Memory Usage":{"RawValue":0,"MaxValue":1024,"Percent":0,"Units":"MB","Color":"#AFD8F8"},
"Active Users":{"RawValue":0,"MaxValue":10,"Percent":0,"Units":"","Color":"#CB4B4B"},
"TPS":{"RawValue":0,"MaxValue":20,"Percent":0,"Units":"TPS","Color":"#fff"}}}

Live Chat Register to post
Categories
Search
Popular Tags
Hot Topics
Close