API keys?

[karlshea 8]

Where did the API key settings go? I have Sonarr connected and it's got a key set and it's working, but it's a different key than I get from clicking on the "API" link at the bottom of the Server dashboard.

[Cheesegeezer 3086]

Yeah, I was looking for them the other day.

 

However you should just have to use the UserID in your call to the API. I don't use the apikey at all in any of my calls to API.

[chef 3745]

But, I think he means the Auth token the API creates once the app or user has been authenticated....

Edited November 4, 2015 by chef

[Cheesegeezer 3086]

Maybe I'm being naive, not sure what sonarr is, but if it's a plugin and requires API access then it's not required as each userid generates its own authorization. If using swagger the auth token is populated automatically alowing thE use of the API.

 

Maybe put some logging in your app to to show the string of the auth token.

 

Just some ideas

[karlshea 8]

Sonarr (https://sonarr.tv/) (used to be called NzbDrone) has a Media Browser connect plugin to ping Emby when a download has finished.

 

There is nowhere to add a username, there's just a place to enter an API key that up until a release or two ago you could generate from within the Emby Server admin area.

 

And like I said, this is still functioning. Sonarr can still communicate with Emby, so that key exists in Emby's database somewhere. I just didn't see anything communicated about why that feature isn't exposed anymore.

 

In fact, here is the announcement of the API key support on the Emby blog:

 

Api security has been revamped, and going forward, applications will require either your password or your permission via an api key in order to communicate with Media Browser. We are in discussion with both Sickbeard and Nzbdrone to receive notifications from them when new content is added.

 

You'll be able to generate api keys for both of these applications which you will then enter into their configuration. If they don't have a key, they will not have access to your Media Browser Server. You can be sure we're doing everything we can to secure your data. Note: existing Media Browser apps will be given a grace period to migrate to the new authentication system

And here's the screenshot of the feature from the announcement:

 

 

I've only been using Emby for a couple of months, so this disappeared very recently. The whole "Security" tab is totally gone.

 

(which it looks like someone else noticed too: http://emby.media/community/index.php?/topic/27063-sidebar-menu-item-advanced-tab-security/)

Edited November 4, 2015 by karlshea

[karlshea 8]

I found the key, it's stored in the authentication.db SQLite file, in the AccessTokens table:

 

[binary guid is here]|01d020ce373c4510b1a4cca5dc591a83||Sonarr||||1|2015-08-30 23:29:10.821526Z|

[karlshea 8]

This is the commit where the security tab was removed, on Sept 14th:

 

https://github.com/MediaBrowser/Emby/commit/dbfd8c62e068a63b7f83a2c6527f470bcf5b238f

 

So are API keys for other applications not supported anymore?

Edited November 4, 2015 by karlshea

[chef 3745]

these client types must be authenticating differently then they use to.

 

To be honest I don't know how sonarr would be authenticating with out a user login.

 

What type of information is sonarr getting from the server?

Edited November 5, 2015 by chef

[Angelblue05 4130]

@@karlshea

 

I'm confused by this entire thread.

 

You can manually set API keys in your emby dashboard > advanced > security.

In Sonarr, you add it to the settings > connect > emby option.

 

That's all you need to do? Or am I missing something? 

[Cerothen 89]

these client types must be authenticating differently then they use to.

 

To be honest I don't know how sonarr would be authenticating with out a user login.

 

What type of information is sonarr getting from the server?

 

I don't think that Sonarr actually takes any information from the server at all. In my case it lets Emby know that a new show has been added (since they reside on different virtual appliances and operating systems the add new content automatically based on the file system doesn't work) and a refresh should take place. It also provides a link for notifications.

 

@@karlshea

 

I'm confused by this entire thread.

 

You can manually set API keys in your emby dashboard > advanced > security.

In Sonarr, you add it to the settings > connect > emby option.

 

That's all you need to do? Or am I missing something? 

 

The issue here is that in the latest stable release the option under "Dashboard > Advanced" where "Security" would normally be is totally gone.

[karlshea 8]

I don't think that Sonarr actually takes any information from the server at all. In my case it lets Emby know that a new show has been added (since they reside on different virtual appliances and operating systems the add new content automatically based on the file system doesn't work) and a refresh should take place. It also provides a link for notifications.

 

 

The issue here is that in the latest stable release the option under "Dashboard > Advanced" where "Security" would normally be is totally gone.

That is correct. The commit I referenced above is where the Security tab was removed.

[crashkelly 62]

Interested in where this went as well. Used it a bit ago, month or so, to create an API key for Sonarr and after an upgrade atsomepoint it was gone.

 

Was a handy feature.

 

Thanks

CrashKelly

[FrostByte 5042]

Same here.  I use it to create a key to troubleshoot playback issues with Samsung devices and searched all over for it a few weeks ago thinking I must be going blind

[Luke 37010]

i didn't realize it will be used for sonarr so it will be restored for the next release, the custom keys at least. 

[crashkelly 62]

i didn't realize it will be used for sonarr so it will be restored for the next release, the custom keys at least. 

 

Thanks much, appreciated.

 

Cheers

CrashKelly

[karlshea 8]

Awesome, thanks!

[Gernash 19]

Phew, I was a sad panda as well, 

[altexy 0]

Hi all!

 

I have upgraded my Emby Server to 3.0.5781.1.

Before I use web/serversecurity.html page to create API keys.

To open page above I clicked Advanced menu and then Security link.

But in latest version this page is not implemented.

 

How can I create API key now?

Is it deprecated?

 

With best regards

Alexander

[altexy 0]

Thanks to attach my port to proper thread.

All I may do at the moment is to use API key by clicking on the "API" link at the bottom of the Server dashboard.

[topnomi 1]

i didn't realize it will be used for sonarr so it will be restored for the next release, the custom keys at least.

 

I may have missed it, but this does not appear to be in the latest beta or stable release.  Not trying to rush or anything, but don't want to get forgotten

 

any news @@Luke?

[nicheplayer 8]

I'd use this, too, if it ever comes back.

[Luke 37010]

It will. I keep forgetting this.

[topnomi 1]

It will. I keep forgetting this.

I figured

 

Thought i'd bump it up in your mind

[GollyJer 17]

Would love to see this if you remember Luke.  :-)

[jant90 15]

A new user of Emby here, I throught I was going crazy haha. I'm now using an API key from the web UI (easy to copy from swagger-ui) but I guess that key gets destroyed / deactivated as soon as I log that user out?

 

Do keys also expire automatically (other than manually logging out)? Or should my external app be able to keep using it as long as I don't manually log that session off?