Highlighted
The_Dje
1 Nickel

Avamar Rest API

Jump to solution

Hello 

I have a question regarding the REST API with Avamar

We are currently running Avamar 7.5.1 and the documentation does not make sense.

the documentation on restAPI : https://www.emc.com/collateral/TechnicalDocument/docu87664.pdf 

talk about component that does not seem to exist

Example for the session the documentation mention to do a curl https://server:8543/rest-api/versions

when I do this i obtain a 404

jfillon@sv-2000lvp76 ~]$ curl -k -D- -X GET https://bk-2000app04.tbrs.local:8543/rest-api/versions
HTTP/1.1 404
Content-Type: text/html;charset=utf-8
Content-Language: en
Content-Length: 1095
Date: Mon, 03 Jun 2019 08:06:26 GMT
Connection: close
Server: Avamar

<!doctype html><html lang="en"><head><title>HTTP Status 404 – Not Found</title><style type="text/css">h1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} h2 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;} h3 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;} body {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} b {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;} p {font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;} a {color:black;} a.name {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 404 – Not Found</h1><hr class="line" /><p><b>Type</b> Status Report</p><p><b>Message</b> &#47;rest-api&#47;versions</p><p><b>Description</b> The origin server did not find a current representation for the target resource or is not willing to disclose that one exists.</p><hr class="line" /><h3>Apache Tomcat/8.5.34</h3></body></html>[jfillon@sv-2000lvp76 ~]$

so the page does not exit.

now on the 7.5.1 system there is a REST API as if i browse the URL swager as in the documentation 18.2 i do have aswagger and the restapi server is getting started when i start the MCS

 

[jfillon@sv-2000lvp76 ~]$ curl -v -k https://bk-2000app04.tbrs.local/api/swagger-ui.html
* About to connect() to bk-2000app04.tbrs.local port 443 (#0)
* Trying 10.3.50.50...
* Connected to bk-2000app04.tbrs.local (10.3.50.50) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* skipping SSL peer certificate verification
* SSL connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
* Server certificate:
* subject: E=root,CN=BK-2000APP04.tbrs.local,OU=Dell EMC,O=Dell Technologies,L=Irvine,ST=California,C=US
* start date: Apr 21 09:50:02 2017 GMT
* expire date: Apr 20 09:50:02 2022 GMT
* common name: BK-2000APP04.tbrs.local
* issuer: E=root,CN=BK-2000APP04.tbrs.local,OU=Dell EMC,O=Dell Technologies,L=Irvine,ST=California,C=US
> GET /api/swagger-ui.html HTTP/1.1
> User-Agent: curl/7.29.0
> Host: bk-2000app04.tbrs.local
> Accept: */*
>
< HTTP/1.1 200 OK
< Date: Mon, 03 Jun 2019 08:13:25 GMT
< X-Content-Type-Options: nosniff
< X-XSS-Protection: 1; mode=block
< Cache-Control: no-cache, no-store, max-age=0, must-revalidate
< Pragma: no-cache
< Expires: 0
< X-Frame-Options: SAMEORIGIN
< X-Application-Context: Kylin:production:9000
< Last-Modified: Thu, 18 Oct 2018 16:40:09 GMT
< Accept-Ranges: bytes
< Content-Type: text/html
< Content-Length: 3246
<
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>Swagger UI</title>
<link rel="icon" type="image/png" href="webjars/springfox-swagger-ui/images/favicon-32x32.png" sizes="32x32"/>
<link rel="icon" type="image/png" href="webjars/springfox-swagger-ui/images/favicon-16x16.png" sizes="16x16"/>
<link href='webjars/springfox-swagger-ui/css/typography.css' media='screen' rel='stylesheet' type='text/css'/>
<link href='webjars/springfox-swagger-ui/css/reset.css' media='screen' rel='stylesheet' type='text/css'/>
<link href='webjars/springfox-swagger-ui/css/screen.css' media='screen' rel='stylesheet' type='text/css'/>
<link href='webjars/springfox-swagger-ui/css/reset.css' media='print' rel='stylesheet' type='text/css'/>
<link href='webjars/springfox-swagger-ui/css/print.css' media='print' rel='stylesheet' type='text/css'/>

<script src='webjars/springfox-swagger-ui/lib/object-assign-pollyfill.js' type='text/javascript'></script>
<script src='webjars/springfox-swagger-ui/lib/jquery-1.8.0.min.js' type='text/javascript'></script>
<script src='webjars/springfox-swagger-ui/lib/jquery.slideto.min.js' type='text/javascript'></script>
<script src='webjars/springfox-swagger-ui/lib/jquery.wiggle.min.js' type='text/javascript'></script>
<script src='webjars/springfox-swagger-ui/lib/jquery.ba-bbq.min.js' type='text/javascript'></script>
<script src='webjars/springfox-swagger-ui/lib/handlebars-4.0.5.js' type='text/javascript'></script>
<script src='webjars/springfox-swagger-ui/lib/lodash.min.js' type='text/javascript'></script>
<script src='webjars/springfox-swagger-ui/lib/backbone-min.js' type='text/javascript'></script>
<script src='webjars/springfox-swagger-ui/swagger-ui.min.js' type='text/javascript'></script>
<script src='webjars/springfox-swagger-ui/lib/highlight.9.1.0.pack.js' type='text/javascript'></script>
<script src='webjars/springfox-swagger-ui/lib/highlight.9.1.0.pack_extended.js' type='text/javascript'></script>
<script src='webjars/springfox-swagger-ui/lib/jsoneditor.min.js' type='text/javascript'></script>
<script src='webjars/springfox-swagger-ui/lib/marked.js' type='text/javascript'></script>
<script src='webjars/springfox-swagger-ui/lib/swagger-oauth.js' type='text/javascript'></script>

<script src='webjars/springfox-swagger-ui/springfox.js' type='text/javascript'></script>
</head>

<body class="swagger-section">
<div id='header'>
<div class="swagger-ui-wrap">
<a id="logo" href="http://swagger.io"><img class="logo__img" alt="swagger" height="30" width="30" src="webjars/springfox-swagger-ui/images/logo_small.png" /><span class="logo__title">swagger</span></a>
<form id='api_selector'>
<div class='input'>
<select id="select_baseUrl" name="select_baseUrl"/>
</div>
<div class='input'><input placeholder="http://example.com/api" id="input_baseUrl" name="baseUrl" type="text"/></div>
<div id='auth_container'></div>
<div class='input'><a id="explore" class="header__btn" href="#" data-sw-translate>Explore</a></div>
</form>
</div>
</div>

<div id="message-bar" class="swagger-ui-wrap" data-sw-translate>&nbsp;</div>
<div id="swagger-ui-container" class="swagger-ui-wrap"></div>
</body>
</html>
* Connection #0 to host bk-2000app04.tbrs.local left intact
[jfillon@sv-2000lvp76 ~]$

any though on this ?

is the documentation wrong 

 

 

 

 

 

0 Kudos
1 Solution

Accepted Solutions
ionthegeek
4 Beryllium

Re: Avamar Rest API

Jump to solution

So the not-so-secret secret is that the 18.2 REST API existed in 7.5.1... but it was not a public API, so using it for developing your own software is not supported on this release.

This API is what the new HTML5 AUI uses to communicate with Avamar MCS.

0 Kudos
5 Replies
ionthegeek
4 Beryllium

Re: Avamar Rest API

Jump to solution

Are you certain the system is running Avamar 7.5.1?

Assuming the system is 7.5.1, the REST API compatible with this release is a separate, installable component. This component is only available by RPQ. I should also note that the older "Concerto" API is no longer being actively developed, so I would strongly recommend any new apps be written for the 18.2 API.

0 Kudos
The_Dje
1 Nickel

Re: Avamar Rest API

Jump to solution

Thanks, ionthegeek

I'm rather certain that it's running a 7.5.1 🙂

So I found that the following the 18.2 documentation worked for me 

have a look at this 

admin@BK-REDACTED:~/>: gsan --version
version: 7.5.1-101
build date: Dec 15 2017 08:40:56
msg format: 13-10
SSL: TLSv1 OpenSSL 1.0.2l-fips 25 May 2017
Zlib: 1.2.3
LZO: 1.08 Jul 12 2002
platform: Linux
OS version: SLES-64
Processor: x86_64
admin@BK-REDACTED:~/>: mcserver.sh --version
version: 7.5.1-101_HF302282
PostgreSQL version: postgres (PostgreSQL) 9.4.13
db schema version: 7.5.1.22
views schema version: 7.5.0.5
admin@BK-REDACTED:~/>: {

admin@BK-REDACTED:~/>: curl -k -vvv -X POST -u MCUser:XXXXXXXXXXXXXXXX -H "Content-Type: application/json" --data @Body.json https://localhost/api/v1/oauth2/clients
* Hostname was NOT found in DNS cache
* Trying ::1...
* Connected to localhost (::1) port 443 (#0)
* successfully set certificate verify locations:
* CAfile: none
CApath: /etc/ssl/certs/
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Server key exchange (12):
* SSLv3, TLS handshake, Server finished (14):
* SSLv3, TLS handshake, Client key exchange (16):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
* Server certificate:
* subject: C=US; ST=California; L=Irvine; O=Dell Technologies; OU=Dell EMC; CN=BK-REDACTED.xxxx.local; emailAddress=root
* start date: 2017-04-21 09:50:02 GMT
* expire date: 2022-04-20 09:50:02 GMT
* issuer: C=US; ST=California; L=Irvine; O=Dell Technologies; OU=Dell EMC; CN=BK-REDACTED.xxxx.local; emailAddress=root
* SSL certificate verify result: self signed certificate (18), continuing anyway.
* Server auth using Basic with user 'MCUser'
> POST /api/v1/oauth2/clients HTTP/1.1
> Authorization: Basic TUNVc2VyOldpbGwtQkUtNTU1ODg4
> User-Agent: curl/7.37.0
> Host: localhost
> Accept: */*
> Content-Type: application/json
> Content-Length: 369
>
* upload completely sent off: 369 out of 369 bytes
< HTTP/1.1 200 OK
< Date: Tue, 04 Jun 2019 07:41:15 GMT
< X-Content-Type-Options: nosniff
< X-XSS-Protection: 1; mode=block
< Cache-Control: no-cache, no-store, max-age=0, must-revalidate
< Pragma: no-cache
< Expires: 0
< X-Frame-Options: SAMEORIGIN
< X-Application-Context: Kylin:production:9000
< Content-Type: application/json;charset=UTF-8
< Transfer-Encoding: chunked
<
{
"clientName" : "toto.rh.REDACTED.local",
"clientId" : "efe2cf51-5aea-466b-9c99-bcdbb48248f0",
"clientSecret" : "Gl5DfnQyxBHBDrAvjwjQun7b+raM3gL2KJiRa1LewlvEdHTvvMtYfdr5xQxE5lZ7criVg5aq/UZUPNpDZg9Pw",
"redirectUris" : [ "https://my-app-server/callback" ],
"scopes" : [ "read", "write" ],
"autoApproveScopes" : [ "all" ],
"authorizedGrantTypes" : [ "password" ],
"accessTokenValiditySeconds" : 1800,
"refreshTokenValiditySeconds" : 43200
* Connection #0 to host localhost left intact
}admin@BK-REDACTED:~/>:

This is why I got really confused, I knew back then Avamar REST API was only installable as stand alone appliance or on BRM with PS engagement but it look like from 7.5.1 it is like in 18.1/18.2 Rest API is shipped with MCS.

We have upgrade to 18.2 planned within the month but I found this to be weird to have the documentation of 18.2 working for 7.5.1.

 

as you can see this is a call to get the client registered to obtain an Oauth2 token and this is referenced in 18.2 and not in 7.5.1 REST API documentation which refers to the old API.

In that old API the session was open via the URL: https://RESTAPISERVER:8543/rest-api/login

If i do a Curl

admin@BK-REDACTED:~/>: curl -k -vvv -X POST -u MCUser:xxxxxxxxxx -H "Content-Type: application/json" --data @Body.json https://localhost:8543/rest-api/login
* Hostname was NOT found in DNS cache
* Trying ::1...
* Connected to localhost (::1) port 8543 (#0)
* successfully set certificate verify locations:
* CAfile: none
CApath: /etc/ssl/certs/
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Server key exchange (12):
* SSLv3, TLS handshake, Server finished (14):
* SSLv3, TLS handshake, Client key exchange (16):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* Server certificate:
* subject: C=US; ST=California; L=Irvine; O=Dell Technologies; OU=Dell EMC; CN=BK-REDACTED.xxxxx.local
* start date: 2017-04-21 09:41:01 GMT
* expire date: 2022-04-20 09:41:01 GMT
* issuer: C=US; ST=California; L=Irvine; O=Dell Technologies; OU=Dell EMC; CN=BK-REDACTED.xxxxx.local
* SSL certificate verify result: self signed certificate (18), continuing anyway.
* Server auth using Basic with user 'MCUser'
> POST /rest-api/login HTTP/1.1
> Authorization: Basic TUNVc2VyOldpbGwtQkUtNTU1ODg4
> User-Agent: curl/7.37.0
> Host: localhost:8543
> Accept: */*
> Content-Type: application/json
> Content-Length: 369
>
* upload completely sent off: 369 out of 369 bytes
< HTTP/1.1 404
< Content-Type: text/html;charset=utf-8
< Content-Language: en
< Content-Length: 1092
< Date: Tue, 04 Jun 2019 08:00:18 GMT
< Connection: close
* Server Avamar is not blacklisted
< Server: Avamar
<
<!doctype html><html lang="en"><head><title>HTTP Status 404 – Not Found</title><style type="text/css">h1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} h2 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;} h3 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;} body {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} b {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;} p {font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;} a {color:black;} a.name {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 404 – Not Found</h1><hr class="line" /><p><b>Type</b> Status Report</p><p><b>Message</b> &#47;rest-api&#47;login</p><p><b>Description</b> The origin server did not find a current representation for the target resource or is not willing to disclose that one exist* Closing connection 0
* SSLv3, TLS alert, Client hello (1):
s.</p><hr class="line" /><h3>Apache Tomcat/8.5.34</h3></body></html>admin@BK-REDACTED:~/>:

For the moment i'm still at the dev part preparing my API call's so change of API will not be too much of an issue.

and the swagger is very usefull.

Would be cool if this post would get a bit of a refresh though 🙂

https://community.emc.com/blogs/LGTOman

I lost quite sometime following wrong track 😛

 

 

 

 

 

 

0 Kudos
ELF_RTT
1 Copper

Re: Avamar Rest API

Jump to solution

I am running Avamar 18.2 and am looking to authenticate against the REST-API. 

The part I can't seem to get right is the body. In the manual it references "CLIENT_ID", "CLIENT_NAME" and "PASSWORD", but it does not explain how to go about identifying those values.  Are you able to explain what they mean?  Is the Body an input to or an output from the authentication call?

0 Kudos
ionthegeek
4 Beryllium

Re: Avamar Rest API

Jump to solution

So the not-so-secret secret is that the 18.2 REST API existed in 7.5.1... but it was not a public API, so using it for developing your own software is not supported on this release.

This API is what the new HTML5 AUI uses to communicate with Avamar MCS.

0 Kudos
ionthegeek
4 Beryllium

Re: Avamar Rest API

Jump to solution

The clientId, clientName, and clientSecret fields are part of the OAuth 2 specification. The instructions on page 15 of the 18.2 REST API Getting Started Guide are a walkthrough for creating the client record.

https://support.emc.com/docu92032_Avamar-18.2-REST-API-Getting-Started-Guide.pdf?language=en_US

The clientId, clientName, and clientSecret should be supplied by you. The OAuth website has more information on what these values are and what they are used for but essentially these values are used to register and identify the "app" that is making the REST API calls.

https://www.oauth.com/oauth2-servers/client-registration/client-id-secret/

The body is the body of the HTTP request being sent to the server. This is typically in JSON format when making REST API calls.

An HTTP request that sends a JSON body looks something like this:

POST /actions/login
Content-Type: application/json
X-Other-Header: Value

{
  "Key": "Value",
  "Key": "Value"
}

The body of this request is everything after the newline at the end of the headers (i.e. the {} and everything in between). On page 15 of the Avamar 18.2 Getting Started guide, it shows a more complete example of a POST body.

0 Kudos