Book Demo!

XTAM API Python Example

Published by Mark Klinchin on

This article provides a small example of Python script calling XTAM REST API. The example access XTAM REST API to retrieve current user information and XSRF REST API token. Then the example demonstrates the functions to access secret data of a specified record and to create a new record in the specified folder. The article also contains an example of accessing XTAM REST API using API authentication token.

To view XTAM’s full, interactive REST API utilizing the OpenAPI format, navigate to Adminstration > Settings > Application Nodes > API Documentation.

Looking for REST API examples using other scripts? Click PowerShell examples, Shell examples, VBScript examples or Python examples for additional information.

Below is the script demonstrating accessing records secret data and creating a new record. Details of the API calls are outlined in the comments. Note the use of the XSRF token to call data modification functions. The script intention is to illustrate details of the protocol. As a result, the script does not process network errors leaving it to the implementation.

# ------------------------------------------------------------------------------------
# XTAM REST API access script example for Python
# 
# The script will demonstrate the following functions 
#    * to access secret fields of the existing record
#    * to create a new record
# ------------------------------------------------------------------------------------

import requests
import json
from http.cookies import SimpleCookie

# ------------------------------------------------------------------------------------
# Script parameters define XTAM objects used in the script
# ------------------------------------------------------------------------------------

# Authentication parameters
url = 'https://xtam.company.com/xtam' # XTAM REST API URL
login = 'xtam_login'
password = 'xtam_password'

# XTAM Object IDs and names used in the script
rid = 'i-2qhyGh2UB0V' # Record ID to retrieve
fid = 'i-2Zh30SUCq7c' # Folder ID to create a new record in
tid = 'i-83XfwpNvCHy' # Record Type ID for the new record creation
recordName = 'New Record' # Name for the new record
recordDescription = 'New record description' # Description of the new record
recordCustom = '{"Host":"host", "Port":24, "User":"user", "Password":"password"}' # Custom data for the new record

# ------------------------------------------------------------------------------------
# Call to /user/whoami function returns current user data.
# In addition, this call returns an REST API token for cross site scripting protection.
# ------------------------------------------------------------------------------------
r = requests.get(url + '/rest/user/whoami', auth=(login, password))
user = r.json()

# Print user information retrieved from the XTAM server
print('Hello ' + user['firstName'] + ' ' + user['lastName'])

# Access REST API token for cross-site scripting protection and save it in the xsrf variable
cookie = SimpleCookie()
cookie.load(r.headers['Set-Cookie'])
xsrf = cookie['XSRF-TOKEN'].value
#print(xsrf)

# ------------------------------------------------------------------------------------
# Example call /record/unlock to retrieve secret data of a record
# ------------------------------------------------------------------------------------
r = requests.get(url + '/rest/record/unlock/' + rid, auth=(login, password))
record = r.json()
custom = json.loads(record['custom'])
print('{0}: {1} ({2}/{3})'.format(record['name'], custom['Host'], custom['User'], custom['Password']))

# ------------------------------------------------------------------------------------
# Example call to /record/new to create a new record
# Note that calls that modify XTAM data must include REST API token
# ------------------------------------------------------------------------------------
resp = requests.post(url + '/rest/record/new/' + fid + '/' + tid,
   data={'name':recordName,'description':recordDescription, 'custom':recordCustom},
   headers={'Content-Type':'application/x-www-form-urlencoded', 'Accept':'application/json', 'X-XSRF-TOKEN':xsrf},
   auth=(login, password))
   
print(resp)

# ------------------------------------------------------------------------------------
# Example call to /folder/create to create a new folder to demonstrate json payload
# Note that calls that modify XTAM data must include REST API token
# ------------------------------------------------------------------------------------
resp = requests.post(url + '/rest/folder/create/' + fid, 
	json={'name':'Py Folder','description':'Py Description'}, 
	headers={'Content-Type':'application/json', 'Accept':'application/json', 'X-XSRF-TOKEN':xsrf}, 
	auth=(login, password))

print(resp.text)

The next example demonstrates the technique of connecting to XTAM REST API using API authentication tokens. As before, details of the script use are outlined in the comments.

# ------------------------------------------------------------------------------------
# XTAM REST API access script example for Python
# 
# The script will demonstrate API access using API tokens
# ------------------------------------------------------------------------------------

import requests
import json
from http.cookies import SimpleCookie

# ------------------------------------------------------------------------------------
# Script parameters define XTAM objects used in the script
# ------------------------------------------------------------------------------------

# Authentication parameters
url = 'https://xtam.company.com/xtam' # XTAM URL
cas = 'https://xtam.company.com/cas' # XTAM Federated Sign-In URL
token = 'yourXTAMtoken' # XTAM Token

# ------------------------------------------------------------------------------------
# Authentication using the token
# ------------------------------------------------------------------------------------
# Exchange REST API Token for a service ticket in Federated Sign-In Service.
# Note that a service ticket is short lived so it should be quickly exchanged to more permanent session cookie
# Also note disabling of redirects to catch service ticket in the Location header.
r = requests.get('{0}/login?service={1}/'.format(cas,url), headers={'token':token}, allow_redirects=False)
location = r.headers['Location']

# Exchange service ticket for a session cookie in XTAM.
# Save the session cookie to use in consecutive calls
r = requests.get(location, allow_redirects=False)
jar = r.cookies

# ------------------------------------------------------------------------------------
# Call to /user/whoami function returns current user data.
# In addition, this call returns an REST API token for cross site scripting protection.
# ------------------------------------------------------------------------------------
# Note the use of cookies parameter replacing auth parameter used for basic authentication
r = requests.get(url + '/rest/user/whoami', cookies=jar)
user = r.json()

# Print user information retrieved from the XTAM server
print('Hello ' + user['firstName'] + ' ' + user['lastName'])

# Access REST API token for cross-site scripting protection and save it in the xsrf variable
cookie = SimpleCookie()
cookie.load(r.headers['Set-Cookie'])
xsrf = cookie['XSRF-TOKEN'].value
print('XSRF Token: ' + xsrf)

Out next example demonstrates the technique of connecting to XTAM REST API using user and password when logging in to XTAM server with enabled Federated Sign-In (CAS) component. As before, details of the script use are outlined in the comments.

# ------------------------------------------------------------------------------------
# XTAM REST API access script example for Python
# 
# The script will demonstrate API access using API tokens
# ------------------------------------------------------------------------------------

import requests
import json
from http.cookies import SimpleCookie

# ------------------------------------------------------------------------------------
# Script parameters define XTAM objects used in the script
# ------------------------------------------------------------------------------------

# Authentication parameters
url = 'https://xtam.company.com/xtam' # XTAM URL
cas = 'https://xtam.company.com/cas' # XTAM Federated Sign-In URL
username = 'XTAM-user-name' # XTAM Account
password = 'XTAM-user-password' # XTAM Account Password

# ------------------------------------------------------------------------------------
# Authentication using user / password for Federated Sign-In component
# ------------------------------------------------------------------------------------
# Get TGT ticket granting ticket from user and password.
# Note that a TGT ticket is short lived so it should be quickly exchanged to more permanent session cookie
# Also note disabling of redirects to catch service ticket in the Location header.
r = requests.post('{0}/v1/tickets'.format(cas), data={'username':username,'password':password}, headers={'Content-Type':'application/x-www-form-urlencoded'}, allow_redirects=False)
location = r.headers['Location']

# get service ticket (ST) from TGT.
r = requests.post(location, data={'service':'{0}/'.format(url)}, allow_redirects=False)
st=r.text

# Exchange service ticket for a session cookie in XTAM.
# Save the session cookie to use in consecutive calls
r = requests.get('{0}/?ticket={1}'.format(url,st),allow_redirects=False)
jar = r.cookies

# ------------------------------------------------------------------------------------
# Call to /user/whoami function returns current user data.
# In addition, this call returns an REST API token for cross site scripting protection.
# ------------------------------------------------------------------------------------
# Note the use of cookies parameter replacing auth parameter used for basic authentication
r = requests.get(url + '/rest/user/whoami', cookies=jar)
user = r.json()

# Print user information retrieved from the XTAM server
print('Hello ' + user['firstName'] + ' ' + user['lastName'])

# Access REST API token for cross-site scripting protection and save it in the xsrf variable
cookie = SimpleCookie()
cookie.load(r.headers['Set-Cookie'])
xsrf = cookie['XSRF-TOKEN'].value
print('XSRF Token: ' + xsrf)
Categories: xton
Tags:

Mark Klinchin

I am Co-Founder and CEO of Xton Technologies. I am interested in computers, software development, cyber security, content management, photography, image processing and mathematics.

Related Posts

Enable Windows Remote Management Domain Policy
xton

How to enable Windows Remote Management using domain policy

Xton Access Manager (XTAM) uses Windows Remote Management technology to execute jobs such as password reset on the remote Windows computers. WinRM is enabled on the windows computer using the following command executed from command Read more…

XTAM Multi-node deployment using MS Network Load Balancer NLB
xton

Configuring Windows Server NLB for Multi-Node Deployment

Configuring Windows Server NLB for Multi-Node Deployment Architecture This article discusses details of Windows Network Load Balancer (NLB) configuration to balance two or more XTAM Server nodes. Earlier we discussed XTAM Server multi-node architecture built Read more…

XtonTech XTAM Xton Access Manager privileged accounts virtual MFA shared MFA
Industry

The Challenge of Multi-Factor Authentication and Shared Accounts

Recently, I wrote about the importance of combining multi-factor authentication (MFA) and privileged access management. According to 2018 Global Password Security Report, 45% of organizations are already using two-factor authentication (2FA) and the 451 Group Read more…

Legal | Privacy Policy
Copyright © 2020 Xton Technologies, LLC. All rights reserved.