Authentication problem to obtain API key

Hello ,

I can’t get a Rest Full client (boomerang or YARC!) under edge or chrome
the API key in authenticated mode. Of course if I unlock by Phoscon App it works.
My environment is:
windows 10, Conbee2, firmware 26780700, App in V2.18.0.

What can I do ?

Thanks for your help
AlanGi

Try with command line and curl

curl http://IP:PORT/api/ -X POST -d '{"devicetype": "TestKey"}'

I tried but I still get error 403
Thanks.

Of course if I unlock by Phoscon App it works

Yes, it can explain the error 403. But one time you have your api key, you can use it without unlocking the gateway. You need to unlock the gateway only to have a new api key.

Try now for exemple http://IP:PORT/api/APIKEY/config without unlocking the gateway.

If I retrieve the API key it works. But it seems that this key changes every time you stop the DECONZ program or when you turn the machine on again. So each time you have to launch PHOSCON APP, unlock, stop Phoscon app then make the request. The set is not functional directly after a reboot.

Thanks.

Not normal, API key are stored 1 minut after the creation in the SQL database (and they are not IP/host dependant)
Can you check http://IP:PORT/api/APIKEY/config ith a working API key ? You will see a field “whitelist”, how many key have you in it ?

You are not using docker/VM or other OS with not persistant stuff ?

I throw :
http://192.168.107.99:80/api/CFA5B1D3CC/config in Boomerang sous edge
Results :
“whitelist”: {
“CFA5B1D3CC”: {
“create date”: “2022-09-09T16:20:12”,
“last use date”: “2022-09-09T16:23:43”,
“name”: “my application”
}

Every time I restart deCONZ, I find the zigbee modules in the graphical interface (including dimmers).
But when I launch Phoscon it does a new search to find them.

No VM no docker. Windows 10 64bits

Thank you for your help.

Ok so

  • api key are not stored
  • device information are not stored

How are the node name in the GUI, like 0xXXXX or real name ?
Its relay like if the SQL database is not writted.

What is your deconz version ?
Can you take a look in the GUI in logs when enabling “info” “info_l2”, “error” and “error_l2” ?
Can you make a try in “admin” mode ?

Thanks to your help I understood that there was a problem with the DB.
So I uninstalled deconz.
Then I searched for traces of the app.
I found a directory:
C:\Users\Alangi\AppData\Local\dresden-elektronik\deCONZ
which was not removed by the uninstallation.
I deleted it and redid the installation, now the API key remains well remembered.

Thank you for your help and your availability.
Cordially.
AlanGi

1 Like

Ha yes I remember this kind of issue, for exemple Aquara Multi Sensors (Temperature/Pressure/Humidity) no longer reporting temperature · Issue #5974 · dresden-elektronik/deconz-rest-plugin · GitHub

What was you previous deconz version ? (not the firmware one)

I was on 2.18.0 and came back to 2.17.1.
But I mostly deleted the directory:
C:\Users\Alangi\AppData\Local\dresden-elektronik.

I wonder what happens if I switch users on the PC because
in this case access to this folder must be blocked.
Wouldn’t it be better to store this folder in the same
directory than the DeConz application? (I speak for the Windows version)

Loool, it’s exaclty my opinion, on my applications I never use registry but ini file stored locally.
But it’s not “windows rules”, when you instal an aplication the OS ask for “specified user” or “all users” no ?

(Sorry I m on windows too, but always admin and no additionnal account)

@Smanar
The installer can ask for the current user or all users.
But installing deconz doesn’t do that.
I tried to use another account (and which is not admin) and in this case when we launch
deconz it creates another DB and therefore we lose the registered modules. When we
resumes the original account we find the modules.
This prohibits changing accounts when the configuration of the zigbee network is complete.

Thanks you.

Ok so on windows, you can install deconz under one user, and have the setting on this user.
Then launch deconz under another user and ofc deconz will run but without the setting.

@Mimiix Do you know if it’s normal or an issue for DE ?

If it’s installed per user, you get this situation.

Perhaps a install for all users is missing as a feature.

Good question, I m on windows, but never tested it (I m always admin) and I m not sure for “windows installations rules”

Rather than using a “user” directory why not install everything in the installtion directory
which is selectable at install time?
This avoids rights issues on a folder. For my part I asked the installation in:
D:\Dev\Deconz.
This installed fine in that location but also using a directory I hadn’t requested:
C:\users\alangi\Appdata…
When we uninstall this directory c:\user\alangi… remains on the disk while the other d:\Dev\Deconz is
emptied and deleted

@de_employees

Currently the installer supports two methods: 1) installation for the current user, where the binaries are located in the users AppData directory and 2) installation as admin here the binaries land in c:\program files (x86) but user data still in user directory.

On Windows it’s all a bit messy historically, internally deCONZ uses Qt libraries to resolve paths to the users AppData directories, Qt doesn’t support “all users” paths. It could be hand coded and perhaps C:\ProgramData (which was C:\Users\All Users in earlier Windows versions) can be an option in future.

Using just the installation directory is troublesome, because this might not be writable, as in case of the admin installation (but C:\ProgramData is as far as I understand). Of course everything can be handled but it adds complexity to keep the installation in a valid state, e.g. what to do if you install for all users and later on for single user: move the config to new location, write registry to new location and ignore old config? Unfortunately on Windows this gets messy quickly.

Imho the biggest challenge is that people love to up and downgrade. Consider a user installs a new “all users” deCONZ version, downgrades to earlier version which didn’t support it, now we have two configurations and no way to determine which one is the proper one.

It’s not optimal but I hope the current way to locate config under users directory works for most users.