Accessing the LogicMonitor REST API with Postman and LMv1 API Token Authentication

5 years ago
25 May 2018
31 replies
1295 views

Userlevel 3

Kurt Huffman
6 replies

Introduction

Postman is widely used for interacting with various REST APIs such as LogicMonitor's. However, there is no out-of-the-box support for the LMv1 authentication method which we recommend as a best practice. This document describes how to configure Postman to use LMv1 authentication when interacting with our REST API.

Overview

Postman's pre-request script functionality provides the ability to generate the necessary Authorization header for LMv1 authentication. As the name suggests, the pre-request script runs immediately before the request is made to the API endpoint. We set the pre-request script at the collection level in Postman so that it will run automatically for every request that is part of the collection.

The script requires three input parameters: a LogicMonitor API token (or ID), its associated key, and the full request URL. These parameters are made available to the script by creating a Postman environment and setting the values as environment variables. If you need to access multiple LogicMonitor accounts (portals), create a separate environment for each to store the applicable API and URL information. Since all API requests to a given account use the same base URL (https://<account>.logicmonitor.com/santaba/rest) it is convenient to store this as an environment variable.

The output of the script is the value of the Authorization header. The script writes the header value to an environment variable which is then inserted as the Authorization header value in the request.

Instructions

1. Download and install Postman.
2. Launch Postman and create a new collection that will be used for all LogicMonitor API requests.
3. In the create collection dialog, select the "Pre-request Scripts" section and paste in the following code.

// Get API credentials from environment variablesvar api_id = pm.environment.get('api_id');var api_key = pm.environment.get('api_key');   

// Get the HTTP method from the requestvar http_verb = request.method;

// Extract the resource path from the request URLvar resource_path = request.url.replace(/(^{{url}})([^\?]+)(\?.*)?/, '$2');

// Get the current time in epoch formatvar epoch = (new Date()).getTime();

// If the request includes a payload, included it in the request variablesvar request_vars = (http_verb == 'GET'||http_verb == 'DELETE') ?http_verb + epoch + resource_path : http_verb + epoch + request.data + resource_path;   

// Generate the signature and build the Auth headervar signature = btoa(CryptoJS.HmacSHA256(request_vars,api_key).toString());var auth = "LMv1 " + api_id + ":" + signature + ":" + epoch;

// Write the Auth header to the environment variablepm.environment.set('auth', auth);

4. Create a new environment. Create the environment variables shown below. You do not need to provide a value for the "auth" variable since this will be set by the pre-request script. Be sure to use the api_id, api_key, and url values appropriate for your LogicMonitor account.

5. Create a request and add it to the collection with the pre-request script. A sample request is shown below with the necessary parameters configured.

1. 1. 1. Set the environment for the request,
  2. 2. Set the HTTP method for the request.
  3. 3. Use {{url}} to pull the base URL from the environment variable. Add the resource path and any request parameters your API request may require.
  4. 4. Add the Authorization header and set the value to {{auth}} to pull the the value from the environment variable.
  5. 5. POST, PUT, and PATCH requests only: if your request includes JSON data, be sure to select the Body tab and add it.

6. Press Send to send the request. The response will appear below the request in Postman.

Troubleshooting

You receive the response "HTTP Status 401 - Unauthorized"

Confirm the following:

• The proper environment has been specified for the request.
• The necessary environment variables have been set and their values are correct. Note that the script relies on the specific variable names used in this document: "api_id", "api_key", "url", and "auth".
• The request is a member of the collection configured with the pre-request script.

Postman reports "Could not get any response" or "There was an error in evaluating the Pre-request Script: TypeError: Cannot read property 'sigBytes' of undefined"

Make sure you have set the proper environment for the request and all necessary environment variables and values are present.

Show first post Hide first post

31 replies

Page 2 / 2

Userlevel 7

+18

Stuart Weenig
Quantum Professor
878 replies
7 months ago
31 January 2023

The code should look like this:

// Get API credentials from environment variablesvar api_id = pm.environment.get('api_id');var api_key = pm.environment.get('api_key');   

// Get the HTTP method from the requestvar http_verb = request.method;

// Extract the resource path from the request URLvar resource_path = request.url.replace(/(^{{url}})([^\?]+)(\?.*)?/, '$2');

// Get the current time in epoch formatvar epoch = (new Date()).getTime();

// If the request includes a payload, included it in the request variablesvar request_vars = (http_verb == 'GET'||http_verb == 'DELETE') ?http_verb + epoch + resource_path : http_verb + epoch + request.data + resource_path;   

// Generate the signature and build the Auth headervar signature = btoa(CryptoJS.HmacSHA256(request_vars,api_key).toString());var auth = "LMv1 " + api_id + ":" + signature + ":" + epoch;

// Write the Auth header to the environment variablepm.environment.set('auth', auth);

I’m getting a 200 response and the body bellow for any get requests I have done.

{
    "data": null,
    "errmsg": "Authentication failed",
    "status": 1401
}

Also to clarify:

api_id = access ID

api_key = access key

I have set up everything but still i’m getting the response above. My api key has administrator role.

Userlevel 7

+18

Stuart Weenig
Quantum Professor
878 replies
7 months ago
4 February 2023

Are you specifying v2 or v3 in the headers/parameters? If not, you’re probably defaulting to v1 which doesn’t work the same.

Thank you for the quick reply. Just tried it like this:

Now i’m getting 401.

Userlevel 7

+18

Stuart Weenig
Quantum Professor
878 replies
7 months ago
4 February 2023

Ok, that should work. I’d check your variables to make sure they don’t have a space or tab in them that’s making them invalid. Also check that you actually saved your token in LM when you generated it.

Userlevel 7

+18

Stuart Weenig
Quantum Professor
878 replies
1 month ago
26 July 2023

FYI, if you want to use Postman for posting to the LM Logs ingestion API endpoint, you’ll have to make some changes.

Cause:

LM decided to omit the /santaba/ portion of the URL. This means that when the pre-request script runs, it tries to pull out the endpoint using the url variable, which still contains the /santaba/ portion. So, authentication will fail. Gotta love non-standard URLs for the API.

Resolution:

All you need to do is override the pre-request script for this one request. Technically, you could modify the url variable in your environment’s variable list, but if you do this, you’ll break all other requests.

Use the following pre-request script for just the POST into LM Logs:

var api_id = pm.environment.get('api_id');
var api_key = pm.environment.get('api_key');
var http_verb = request.method; // this is always POST for this request
var resource_path = '/log/ingest';
var epoch = (new Date()).getTime();
var request_vars = http_verb + epoch + request.data + resource_path;
var signature = btoa(CryptoJS.HmacSHA256(request_vars,api_key).toString());
var auth = "LMv1 " + api_id + ":" + signature + ":" + epoch;
pm.environment.set('auth', auth);

Then configure the url like this:

https://<account>.logicmonitor.com/rest/log/ingest

Replacing <account> with your account name. Select POST and put the logs in the body. This works in my Postman, so I’d be interested to know if this is the only change required to post logs into LM Logs from Postman.

Kudos go to @Allen Van for discovering the root of this issue.

Page 2 / 2

Introduction

Overview

Instructions

Troubleshooting

You receive the response "HTTP Status 401 - Unauthorized"

Postman reports "Could not get any response" or "There was an error in evaluating the Pre-request Script: TypeError: Cannot read property 'sigBytes' of undefined"

Reply

Sign up

LogicMonitor Employee? Click here:

Login to the community

LogicMonitor Employee? Click here:

Scanning file for viruses.

This file cannot be downloaded