Search code examples
androidapiauthenticationclientredmine

Can't make client API Redmine authentication

I'm trying to make android app - client for API Redmine. First I need is authentication, but I really don't understand how to implement it. (Using Retrofit) Documentation says only:

Most of the time, the API requires authentication. To enable the API-style authentication, you have to check Enable REST API in Administration -> Settings -> API. Then, authentication can be done in 2 different ways:

  1. using your regular login/password via HTTP Basic authentication. using your API key which is a handy way to avoid putting a password in a script. The API key

  2. may be attached to each request in one of the following way:

  • passed in as a "key" parameter
  • passed in as a username with a random password via HTTP Basic authentication
  • passed in as a "X-Redmine-API-Key" HTTP header (added in Redmine 1.1.0)

You can find your API key on your account page ( /my/account ) when logged in, on the right-hand pane of the default layout.

I found this solution:

  1. HTTP Basic auth – http://login:[email protected]/issues.xml
  2. HTTP Basic auth with API token and login – http://login:[email protected]/issues.xml- (not >supported yet)
  3. HTTP Basic auth with API token – http://RANDOM_KEY:[email protected]/issues.xml
  4. Full token auth – http://redmine.org/issues.xml?key=RANDOM_KEY

But it doesn't works. All open-source clients for API Redmine are using something like own servers/domains or what - i don't understand. Examples:

     - http://**my.server**/projects/test.xml?key=1234
     - http://**localhost:3000**/news.xml?key=01fc3e3832e32ae8c12bf0c3b0819ca4a5972825
     - https:**sample.redmine.com**/

I need some help to understand what is this (bold text). I can't make my requests, or BASE_URL in Retrofit without this

Solution

  • Redmine is an open source software package. As such, people install it on their own servers which makes their Redmine installation available on their own hostname (and possibly subpath).

    As such, when implementing a Redmine client, you usually need a way for users of the client to configure the base URL of their Redmine server, such as https://www.redmine.org or http://server.example.com:8080/redmine.

    All API requests you generate with your client are then relative to this base URL. But again, the base URL may be different for each user and need to be specified by them.