Product Knowledge
JumpServer API Interface Calls: Comprehensive Guide
API Introduction
JumpServer provides authentication interfaces and rich API endpoints for automated operations, integration, and management.
API Access
| JumpServer version | Access method | example |
|---|---|---|
| >=4.0.0 | http:// |
http://loaclhost/api/docs/ |
API Authentication Types
| API Authentication Types | Description |
|---|---|
| Session | After logging into JumpServer, you can directly use <session_id> as an authentication method |
| Token | A one-time token valid for 24 hours |
| Private Token: | A permanent token that never expires |
| Access Key | A mechanism for authentication and authorization |
Session
After logging into JumpServer, you can directly use <session_id> as an authentication method, obtained as follows
For example,Create assets in python
import requests
url = "http://loaclhost/api/v1/assets/hosts/"
querystring = {"platform":"1"}
payload = {
"platform": {"pk": 1},
"nodes": [{"pk": "70c0cf0e-c841-440d-854b-f820847e4cca"}],
"protocols": [
{
"name": "ssh",
"port": 22
}
],
"labels": [],
"is_active": True,
"name": "RULEhedan",
"address": "10.0.10.1",
"accounts": []
}
cookies = {
'jms_sessionid': 'bsdbocm1nadjgkb016ov4v2evjfwgsxn',
'jms_csrftoken': 'jHJWRcQRGo94yqLSFUY7tuMbaKTp37I8'
}
headers = {
'Content-Type': 'application/json',
'Accept': 'application/json',
'X-JMS-ORG': '00000000-0000-0000-0000-000000000002',
'X-Csrftoken': 'jHJWRcQRGo94yqLSFUY7tuMbaKTp37I8'
}
response = requests.post(url, headers=headers, cookies=cookies,json=payload,params=querystring)
print(response.text)
Token: A one-time token valid for 24 hours, obtained as follows
curl -X POST https://localhost/api/v1/authentication/auth/ -H ‘Content-Type: application/json’ -d ‘{“username”: “admin”, “password”: “passwd”}’
For example, getting the asset list
import requests
url = "http://loaclhost/api/v1/assets/platforms/"
querystring = {"category":"host","offset":"0","limit":"100","display":"1","draw":"1"}
headers = {"Authorization": "Bearer uXJ6He7P8TGPEiSbC98z6jB6f15HV1aTWuuz"}
response = requests.request("GET", url, headers=headers, params=querystring)
print(response.text)
Private Token: A permanent token that never expires, needs to be obtained by accessing the bastion host server
docker exec -it jms_core /bin/bash
cd /opt/jumpserver/apps
python manage.py shell
from users.models import User
u = User.objects.get(username='admin')
print(u.create_private_token())
EOF
u.private_token
For example, getting asset authorizations
import requests
url = "http://loaclhost/api/v1/perms/asset-permissions/"
querystring = {"asset":"","node":"","offset":"0","limit":"100","display":"1","draw":"1"}
headers = {"Authorization": "Bearer uXJ6He7P8TGPEiSbC98z6jB6f15HV1aTWuuz"}
response = requests.request("GET", url, headers=headers, params=querystring)
print(response.text)
Access Key: An access key that needs to be created in under after logging into the bastion host
For example,Create assets in python
import requests
from httpsig.requests_auth import HTTPSignatureAuth
KEY_ID = '2e94d229-0025-4ab5-bef7-adb31ad4f300'
SECRET = '68068a5e-3a82-4503-ac73-c3101581d81f'
signature_headers = ['(request-target)', 'accept', 'date', 'host']
headers = {
'Accept': 'application/json',
'Date': "Mon, 22 Dep 2023 18:35:05 GMT"
}
auth = HTTPSignatureAuth(key_id=KEY_ID, secret=SECRET,
algorithm='hmac-sha256',
headers=signature_headers)
payload = {
"platform": {"pk": 1},
"nodes": [{"pk": "70c0cf0e-c841-440d-854b-f820847e4cca"}],
"protocols": [
{
"name": "sftp",
"port": 22
},
{
"name": "ssh",
"port": 22
},
],
"labels": [],
"is_active": True,
"name": "class_new1",
"address": "10.0.10.1",
"accounts": []
}
req = requests.post('http://loaclhost/api/v1/assets/hosts/',json=payload,auth=auth, headers=headers)
print(req.content.decode('utf-8'))
