Token not working (trying to retrieve DNSKEY)

I’m trying to retrieve my DNSKey and DS information via the API so I can input the info with my domain registrar. I’m on an Ubuntu 20.04.1 server.

I’m running curl -X GET https://desec.io/api/v1/domains/ --header “Authorization: Token {token}” as the docu specifies (replacing {token} with the token listed under Token Management when I log into the website). Instead of the 200 OK and the domain info I get {“detail”:“Invalid token.”}

Any help?

I thought maybe I needed to retrieve a token via the API so I ran curl -X POST https://desec.io/api/v1/auth/login/ --header “Content-Type: application/json” --data @- <<< ‘{“email”: “youremailaddress@example.com”, “password”: “yourpassword”}’ as the docu says. When I run this all I get is a > prompt with no other return.

Hi Chad,

Thank you for your message, and welcome to deSEC! :slight_smile:

(replacing {token} with the token listed under Token Management when I log into the website). Instead of the 200 OK and the domain info I get {“detail”:“Invalid token.”}

You probably took the value in the left column as the token. However, that’s not the token, but it is the token ID. The ID is there so that both you and we can distinguish tokens with otherwise similar properties. Admittedly, that’s a little confusing, and we are going to improve it.

The token itself is only displayed once, in a small popup at the bottom of the screen, when you create the token. Can you give it another try and check if you can find it?

As to why your curl command doesn’t work properly, it’s probably a local problem. Which operating system and shell are you using? – Please note, also, that your command contains non-standard quotes ( instead of ", as well as instead of '). Maybe that’s confusing your shell.

Stay secure,
Peter

Thanks Peter! I completely missed the token info. Was able to grab it and got the curl commands to work properly.

The token itself is only displayed once
The call curl
curl -X GET https://desec.io/api/v1/auth/tokens/ --header “Authorization: Token $onetoklen”
is not showing the token, it show only the IDs.

This ist confusing, because the web alway shows the IDs - but never the the token itself.
I never got any popup in the web dialog.

And even the method
echo ‘{“token”: “newtoken”}’ | curl -X POST https://desec.io/api/v1/auth/tokens/{id} --header “Authorization: Token $oldTOKEN” --header “Content-Type: application/json” --data @-

seems to work.

The token management is a little bit confusing.

unset desecioTOKEN

GitHub - dominictarr/JSON.sh: a pipeable JSON parser written in Bash

eval desecioTOKEN=$(echo ‘{“email”: “mymail@mail.com”, “password”: “secure”}’ | curl -X POST https://desec.io/api/v1/auth/login/ --header “Content-Type: application/json” --data @- | ./JSON.sh | fgrep ‘[“token”’ | awk -F’\t’ ‘{print $2;}’)
echo $desecioTOKEN

So I get a token in front of the following curl for the descapi.

But I can not script such things for example in the FritzBox.
Does anybody found a solution for pre setup Boxes like FritzBox?
An Update URL for dessc.io with user and password.

A token from dessec.io is only valid for a few minutes - it would be a problem to change the update URL in the a router manually every day.

For my IoT project the JSON.sh works now very fine, to get a new token for every call, even if I have no idea, why not using a usual login an instead using this "token"s.
I hope there is no limit of tokens.