Resolved Curl Request 401 Unauthorized

[R2bEEaton]

Hello!

I am very new to Plesk and I'm doing this for a friend who is also stumped. He's got a Plesk server set up and wants to access the Rest API remotely, but whenever he or I try on our own machines, we get the following error:

[root@vps ~]# curl -i -k -X GET -u admin:thepasswordgoeshere -H "Content-Type: application/json" -H "Accept: application/json" "https://domain:8443/api/v2/domains"​

HTTP/1.1 401 Unauthorized
Server: sw-cp-server
Date: Sat, 09 Nov 2019 19:13:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: *
Access-Control-Allow-Headers: *
WWW-Authenticate: Basic realm="Plesk RESTful API"
​

I tried to check if he had any IP's banned and that that might be any issue, but I didn't see any. So, how do I remotely connect to a Plesk Onyx for Linux Rest API?

 

[Bitpalast]

Is API access enabled in /usr/local/psa/admin/conf/panel.ini?

[api]
enabled=on

 

[R2bEEaton]

Is API access enabled in /usr/local/psa/admin/conf/panel.ini?

[api]
enabled=on

How would I enable this in the web interface?

Edit: I found the panel.ini editor extention and pasted the api enable to the editor and hit save, but it still appears to not work. Also, my friend was wrong, we are on Plesk Obsidian.

 

[Bitpalast]

Did you consider that you need to submit an API key as explained in section (6) of About REST API ?

Like

curl -X GET -H "X-API-Key: 5c6f1a8a-1263-7444-24e5-fcfd7b4dcdc6" -H "Content-Type: application/json" -H "Accept: application/json" "https://domain:8443/api/v2/domains"

While your individual key is different of course.

 

[R2bEEaton]

Yes, but as per the example there:

curl -X POST --user rootassword -H "Content-Type: application/json" -H "Accept: application/json" -d'{}' "https://domain:8443/api/v2/auth/keys"
​

You still need to use the normal authentication method to even generate an API key in the first place. And also, as far as I can tell, the API key appears to be optional and you can just use the normal curl authentication for each request. Also, that command above still returns a 401 Unauthorized.

 

[Bitpalast]

I tried to reproduce the error, but was unlucky. Here it works. Are your sure that you are using the right password? Because when I run

curl -X POST --user root:MySSHRootPasswd -H "Content-Type: application/json" -H "Accept: application/json" -d'{}' "https://DomainName:8443/api/v2/auth/keys"

I immediately get the API key. A test with a wrong password results in a silent exit, but not an "unauthorized". In your first post you are using "admin" as a user name. In that case you must use the admin login password of Plesk. As an alternative, try root as a user name and the SSH root password of the machine. Both versions work. You might have mixed the access credentials?

Another thought: Is the domain correct?

And have you restarted the psa service after adding the [api] enabled = on section?

 

[R2bEEaton]

Yes, I'm sure I'm using the correct password for the admin account. It's the same one I use to log in here:


If you add an -i flag to your test with a wrong password you will see the unauthorized bit. And yes, I'm using the correct domain (same as what I use for the web portal) and did restart the service after enabling the API using the Panel.ini editor extension.


I have no idea why this couldn't be working D:

Edit: Also... wait... we're on Onyx. I'm so confused.

Edit 2: So apparently the SSH root credentials were the way to go, but I have no idea why the admin didn't work.

Now what I'm stuck on is getting parameters for curl into PhP and was wondering if you knew anything about that.
Imgur

I get a malformed JSON error.

 

[Bitpalast]

Great that you found out that you had to use the SSH credentials to solve the "unauthorized" condition. I will set the thread to "solved".

For your new question, please open a new thread with an appropriate title, so that others see the new issue and can respond accordingly. It is most often a bad idea to mix topics in the same thread. It is too confusing.

 

[Moisés Márquez]

One more thing on that.

I've found that this petition currently fails silently if curl uses HTTP > 1.1. So --http1.1 needs to be added to the petition.