[#749] Cluster account to get API key for individual company in company list using API

Bug Reports
,
1

Migrated from Redmine #749 | Author: MOZ ZOM
Status: New | Priority: High, I’m very impatient | Created: 2021-08-03

Hi,

we just jumped from regular account to cluster account with 19 sub-companies, namely:

cluster account url: https://smartspa.cluster.simplybook.vip/
company1: https://smartercg.secure.simplybook.vip/v2/
company2: 預約服務系統和免費的線上預約服務
.
.
.
.
.
I am building an applications to run the booking procedure for a common service amongst companies.
To do that, I’d have the request for an access token using API keys as stated on the API documentations.

I am wondering if there is a way to obtain the api key for each company listed out of my cluster account using API?
Or I would have to manually hard coded it in my application individually?

I come to noticed that there is a new option “activate API cluster …” under API custom features within sub-account and I’d like to know if the aforementioned problem can be solved by activating this option and how to use it properly.

Thank you.

※ the screen shot provided is the new option under API custom feature. Forgive me if its in Tradition Chinese. I could not find a easy way to alter the language.

2

Nicholas Alias wrote:

https://cluster-api.simplybook.vip

Hi, you can use cluster api

POST https://cluster-api.simplybook.vip/auth
Content-Type: application/json
X-Cluster: smartspa
{
“key”: “{{ key }}”
}

{% client.global.set(“token”, response.body.token); %}

//get company list
GET https://cluster-api.simplybook.vip/companies?filter[status]=active
Content-Type: application/json
X-Cluster: smartspa
X-Token: {{ token }}

//get company token
POST https://cluster-api.simplybook.vip/companies/{{ company_login }}/api-token
Content-Type: application/json
X-Cluster: smartspa
X-Token: {{ token }}

3

MOZ ZOM wrote:

Nicholas Alias wrote:

https://cluster-api.simplybook.vip

Hi, you can use cluster api

POST https://cluster-api.simplybook.vip/auth
Content-Type: application/json
X-Cluster: smartspa
{
“key”: “{{ key }}”
}

{% client.global.set(“token”, response.body.token); %}

//get company list
GET https://cluster-api.simplybook.vip/companies?filter[status]=active
Content-Type: application/json
X-Cluster: smartspa
X-Token: {{ token }}

//get company token
POST https://cluster-api.simplybook.vip/companies/{{ company_login }}/api-token
Content-Type: application/json
X-Cluster: smartspa
X-Token: {{ token }}

Hi Nicholas,

after a few trial and error. I was able to fetch the cluster token without any issue.
The problem comes when sending HTTP requests to “Get Company List” and “Get Company Token”:

if I include the “X-Token” in the header, it responded {“error”:“Unauthorized”}
if I include the “X-Token” in the body, it responded {‘error’: ‘Access denied’}

Thereafter, all my trials are in vein.
I am guessing to include the token in the body could be correct.
Please let me know if I am missing something.

Thank you.

4

Nicholas Alias wrote:

Hi
Are you using the token response.body.token that is response after this POST https://cluster-api.simplybook.vip/auth request?

like
GET https://cluster-api.simplybook.vip/companies?filter[status]=active
Content-Type: application/json
X-Cluster: clustermykola1
X-Token: ctk_be5a7d7789b78d4b246188d***

5

MOZ ZOM wrote:

yes, I am using the token acquired from https://cluster-api.simplybook.vip/auth

I am wondering if I have set up anything else in the cluster account

6

MOZ ZOM wrote:

*Update

I have successfully get the company token and company list.
Thank you.

7

MOZ ZOM wrote:

  • Another update and more questions

//get company token
POST https://cluster-api.simplybook.vip/companies/{{ company_login }}/api-token
Content-Type: application/json
X-Cluster: smartspa
X-Token: {{ token }}

I tried to use the token acquired from the above request to use other APIs within the company
Is there any difference from standard account?

I have changed the url from “https://user-api.simplybook.asia/” to “https://user-api.simplybook.vip
and try to use “getUnitList” method but it says access denied.

Do you use the token acquired from cluster account and use it as API key to call a valid token in individual companies?

8

Redmine Admin wrote:

this token should be used as token, not as API key

this.client = new JSONRpcClient({
        'url': 'https://user-api.simplybook.vim' + '/admin/',
        'headers': {
            'X-Company-Login': YOUR_COMPANY_LOGIN,
            'X-User-Token': token
        },
        'onerror': function (error) {}
    });
9

Redmine Admin wrote:

*



‘url’: ‘https://user-api.simplybook.vip’ + ‘/admin/’,

of course

10

MOZ ZOM wrote:

Dear All,

Ok I tried the suggested but still get “access denied” after firing the JSONRpcClient

I was able to fetch data from standard account and now running into problem.

I am using Python as main language and I was able to get company token in the following format:

@{‘token’: ‘148ca28ea—72a3a88e6cbba001489—75a290215647608f’, ‘company’: ‘smarterra’, ‘refresh_token’: ‘dbe1fd3ae031fa776—a653df2f7d03fe464da78a33efd’, ‘domain’: ‘simplybook.vip’}@

But if I try to use other API, say getEventList() method, as before (using standard account), the following message shows up

@{‘error’: {‘code’: -32600, ‘message’: ‘Access denied’, ‘data’: }, ‘id’: ‘1’, ‘jsonrpc’: ‘2.0’}@

I am using the following python code to build a client

@ def rpcResp_post(method, *param):
url = “https://user-api.simplybook.vip/admin/
headers = {
‘X-Company-Login’: ‘smarterra’,
‘X-Token’:‘148ca28ea—72a3a88e6cbba001489—75a290215647608f’
}
payload = {
“method”:method,
“params”:param,
“jsonrpc”:“2.0”,
“id”:1
}
response = requests.post(url, headers=headers, json=payload).json()
return response
rpcResp_post(“getEventList”,)@

Please let me know if I am missing anything.

11

Redmine Admin wrote:

It must be

'X-User-Token': token

as per my example above, not ‘X-Token’