<div dir="ltr"><div>He folks,<br></div><div>   I was looking for information on accessing the web API from python. Between other info in this list the <a href="https://vda.li/en/posts/2015/05/28/talking-to-freeipa-api-with-sessions/">https://vda.li/en/posts/2015/05/28/talking-to-freeipa-api-with-sessions/</a> blog post and a little trial and error I got it working. The following python script logs in with a username and password then retrieves all the users in the development group and prints the uid.<br></div><div><br></div><div>  I hope this helps some folks out, and saves some time. <br></div><div><br></div><div><br></div><div><pre><em>#! /usr/bin/env python
</em>__author__ = <strong>'michaelluich'
</strong>author_email = <strong>'<a href="mailto:michael.luich@actifio.com">michael.luich@actifio.com</a>'</strong>,

<strong>import </strong>requests
<strong>import </strong>json

baseurl = <strong>'<a href="https://identity1.corp.actifio.com/ipa/session/">https://identity1.corp.actifio.com/ipa/session/</a>'
</strong>

<em># Fill in your details here to be posted to the login form.
</em>payload = {
    <strong>'user'</strong>: <strong>'USERNAME'</strong>,
    <strong>'password'</strong>: <strong>'PASSWORD'
</strong>}

<em># Use 'with' to ensure the session context is closed after use.
</em><strong>with </strong>requests.Session() <strong>as </strong>s:
    <em>#Login to the server
</em><em>    </em>headers = {<strong>'referer'</strong>: <strong>'<a href="https://identity1.corp.actifio.com/ipa/">https://identity1.corp.actifio.com/ipa/</a>'</strong>,
               <strong>"Content-Type" </strong>: <strong>"application/x-www-form-urlencoded"</strong>,
                <strong>"Accept" </strong>:<strong>"text/plain"</strong>,
               }
    p = s.post(baseurl+<strong>"login_password"</strong>, <span style="color:rgb(102,0,153)">verify</span>=<span style="color:rgb(0,0,128)">False</span>, <span style="color:rgb(102,0,153)">data</span>=payload, <span style="color:rgb(102,0,153)">headers</span>=headers)
    <em># print the html returned or something more intelligent to see if it's a successful login page.
</em><em>    </em><strong>if </strong>p.status_code != <span style="color:rgb(0,0,255)">200</span>:
        <strong>print </strong><strong>"Login Problem"
</strong><strong>        </strong><span style="color:rgb(0,0,128)">exit</span>(<span style="color:rgb(0,0,255)">77</span>)

    <em># Get the user list.
</em><em>    # The payload information can be found by running ipa -vv user-find.
</em><em>    </em>payload = {
    <strong>"id"</strong>: <span style="color:rgb(0,0,255)">0</span>,
    <strong>"method"</strong>: <strong>"user_find"</strong>,
    <strong>"params"</strong>: [
            [
                <em>#null
</em><em>            </em>],
            {
                <strong>"all"</strong>: <strong>"false"</strong>,
                <strong>"in_group"</strong>: [
                    <strong>"development"
</strong><strong>                </strong>],
                <strong>"no_members"</strong>: <strong>"false"</strong>,
                <strong>"pkey_only"</strong>: <strong>"false"</strong>,
                <strong>"raw"</strong>: <strong>"false"</strong>,
                <strong>"version"</strong>: <strong>"2.156"</strong>,
                <strong>"whoami"</strong>: <strong>"false"
</strong><strong>            </strong>}
        ]
    }

    headers = {<strong>'referer'</strong>: <strong>'<a href="https://identity1.corp.actifio.com/ipa/">https://identity1.corp.actifio.com/ipa/</a>'</strong>,
               <strong>'Content-Type'</strong>: <strong>'application/json'</strong>,
               <strong>'Accept'</strong>: <strong>'applicaton/json'</strong>,
               }
    r = s.post(baseurl+<strong>"json"</strong>, <span style="color:rgb(102,0,153)">verify</span>=<span style="color:rgb(0,0,128)">False</span>, <span style="color:rgb(102,0,153)">data</span>=json.dumps(payload), <span style="color:rgb(102,0,153)">headers</span>=headers)
    userJson=json.loads(r.text)

    <strong>for </strong>object <strong>in </strong>userJson[<strong>'result'</strong>][<strong>'result'</strong>]:
        <strong>print </strong>object[<strong>'uid'</strong>]

</pre> </div><div><br></div>--<div><div><div><div><div><div><div><div><div><div><div><div><div><div><div><br><div><table border="0" class=""><tbody><tr><td><a href="http://www.actifio.com/" target="_blank"><img src="http://www.actifio.com/assets/sig_logo.png" alt=""></a> </td><td><br></td><td><br></td><td><br></td><td><span style="color:rgb(113,127,129)"><strong>Michael Luich</strong></span><br><strong>Senior DevOps </strong><strong>Engineer</strong><br><span style="color:rgb(113,127,129)"><strong>e</strong> <a href="mailto:michael.luich@actifio.com" target="_blank">michael.luich@actifio.com</a></span><br><span style="color:rgb(113,127,129)"><br></span><span style="color:rgb(113,127,129)"> </span><br><br></td></tr></tbody></table><table border="0" cellpadding="2" class=""><tbody><tr><td><p><span style="color:rgb(113,127,129)">333 Wyman Street, Waltham, MA 02451</span></p></td></tr><tr><td><a href="http://twitter.com/actifio" target="_blank"><img src="http://www.actifio.com/assets/twitter1.png" alt=""></a>   <a href="http://www.linkedin.com/company/399246" target="_blank"><img src="http://www.actifio.com/assets/linkedin1.png" alt=""></a>   <a href="https://plus.google.com/102870897962348937868/posts" target="_blank"><img src="http://www.actifio.com/assets/googleplus.png" alt=""></a>   <a href="http://www.youtube.com/user/actifio" target="_blank"><img src="http://www.actifio.com/assets/youtube1.png" alt=""></a>   <a href="http://www.actifio.com/" target="_blank"><img src="http://www.actifio.com/assets/rss1.png" alt=""></a></td></tr></tbody></table><p><em>Manage, access, and protect your data with a single platform that saves you time, money, and complexity.</em></p></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div>