Asterisk Forums

[shawn.ross]

Hello, I'm helping to develop a new application using the Extend API.
We have most of our code written out, and are using the Test Suite to validate the XML.

However, we can't find information on how to create the proper 'authentication' process. The Test Suite gives you a webform where you can type in the pertinent info, but doesn't list 'how' they communicate this to the Switchvox Server.

Is this simply an HTTP request that is sent in plain-text? I would think that sending an HTTP request w/ the username/password in cleartext would be insecure. What method should we be using to authenticate so that we can send the proper 'request' using the Admin Extend API?

[dpodolsky]

The extend API uses digest authentication and all communication goes over HTTPs (http redirects to https). You can read more about connecting and authenticating here:

http://developers.digium.com/switchvox/ ... e_overview

Digest Auth is supported in more libraries, usually just another setting. You can even supply credentials just using wget. See our WGET web post / tutorial about using it to connect to the Extend API:
http://developers.digium.com/switchvox/blog/?p=8

Hope this helps.

[rybu0305]

I am bumping this because even after reading everything at developers central and researching on web I don't understand how to authenticate.

I am new to XML and haven't programmed for years but we recently purchased Switchvox and I am excited to play with it.

So I will break it down this way.
I can go here and follow the instructions to login.
http://developers.digium.com/switchvox/ ... _Interface

The next step at the bottom links straight to "constructing requests".
http://developers.digium.com/switchvox/ ... g_Requests

What I can't figure out is how this xml code....

Code: Select all

<request method="switchvox.extensions.search">
    <parameters>
        <min_extension>100</min_extension>
        <max_extension>200</max_extension>
        <extension_types>
            <extension_typ>ivr</extension_typ>
            <extension_typ>call_queue</extension_typ>
        </extension_types>
    </parameters>
</request>

1) No where is a URL specified to send the request
2) How do you tell your xml file where to send the request?

Sorry if this is very basic but like I said I am new to XML.

[dpodolsky]

Look at this page again:
http://developers.digium.com/switchvox/ ... _Interface

At the top it tells you where to connect:

The Core Interface can be accessed through an easy URL:
https://YOUR.PBX.IP/xml

The IP / Hostname of the PBX is the URL where you will be sending your XML in a post body.

For authentication it uses digest auth:

The API uses digest authentication, and requires you to be authenticated as an administrator ('admin' or another administrator) or as an extension-user. If you have recently logged into your Switchvox Admin or User Suite, then you have already been authenticated and have the proper cookies set. If you are not logged in, then you will see the following prompt. (Read more about Authentication.)

This is not sent in the XML but sent in the digest auth parameters. If you are using a language Ruby / Perl / PHP look into how to send digest auth info with a simple HTTP request.



A great tutorial for you to look at is the WGET tutorial. Wget is a simple utility that comes on most Linux systems.
http://developers.digium.com/switchvox/blog/?p=8