DSM 7.2 API clarification

Currently reading
DSM 7.2 API clarification

2
0
puqcloud.com
NAS
RS18017xs+
Operating system
  1. Linux
Mobile operating system
  1. Android
Hello,

I have an issue with the API on DSM 7.2, and I need some clarification.

According to the manual, I obtain the "sid" by using the following URL: https://xxxxxxxxxx/webapi/auth.cgi?...version=7&account=XXX&passwd=XXXXX&format=sid

Then, I execute the following command: https://xxxxxxxxxxxx/webapi/entry.c...&expired=normal&cannot_chg_passwd=false&_sid=<sid from the previous command>

And here comes the magic. If I connect to the private IP that belongs to Synology, everything works fine without any issues. However, if I connect to the public IP configured on Synology, I receive an error 105 (The logged-in session does not have permission).

Please help me understand this unclear situation.

Also, if anyone knows what the "ik_message" parameter is when logging into the Synology API via the web interface, please let me know. If I pass this parameter (generated by the web interface) for API operations, everything works fine.

Thank you in advance.
 
According to the manual, I obtain the "sid" by using the following URL: https://xxxxxxxxxx/webapi/auth.cgi?...version=7&account=XXX&passwd=XXXXX&format=sid
Not sure where you got the version=7 as a parameter. Can't find it in the API docs. Version 6 on the other hand is in there.

In any event, what works for me to get the login SID is this:

https://fqdn/webapi/entry.cgi?api=SYNO.API.Auth&version=6&method=login&account=<username>&passwd=<password>&otp_code=<code>

Never got 105 code... 102 sure, but not 105. Also, can't see any reference to the ik_message parameter in the documentation.

What documentation are you using?
 
Dear Rusty,

Thank you for your response. You are correct about using version=3. However, I am currently using DSM 7.2, which has a known issue.

In the documentation, it states that version 7 can be used. You can find this information on page 15 of the document:https://global.download.synology.co...s/DSM/All/enu/DSM_Login_Web_API_Guide_enu.pdf

I have noticed that the "ik_message" parameter is not mentioned in the documentation. However, through my analysis of the Synology Web interface, during the authentication process, it uses version=7 and an "ik_message" that appears to be the encoded timestamp of the current authentication session in the noise protocol.
 

Attachments

  • 2023-06-30_11-16.png
    2023-06-30_11-16.png
    100.8 KB · Views: 47
  • 2023-06-30_11-23.png
    2023-06-30_11-23.png
    18.3 KB · Views: 49

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Old thread notice: There have been no replies in this thread for quite some time. The last reply was on .
The content in this thread may no longer be relevant. It might be better to open a new thread instead.

Similar threads

  • Question
Ofc you can make a single compose for this no problem. Personally I like to separate front end apps from...
Replies
10
Views
989
  • Solved
<<<<< SOLVED >>>>> OK so I decide to solve this by myself accordingly. Synology did offer me to go check...
Replies
1
Views
1,162
Port forwarding is the other way around: router port to NAS port. For reverse proxy is NAS to destination...
Replies
11
Views
3,728
I'll try to explain it better. At home I use a DS918+ with the following setup. server { listen...
Replies
6
Views
1,913

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Trending threads

Back
Top