Openemr rest api does not seem to be starting/listening

hanksterr7 · August 14, 2021, 6:20am

Hi

I’m trying to interact with the Rest API’s using curl. No matter what I try, I get
curl: (7) Failed to connect to localhost port 8300: Connection refused

Getting this error trying the auth POST command to get a bearer token, and also doing this simple request:
curl -X GET -H ‘Content-Type: application/json’ ‘http://localhost:8300/apis/api/facility’

Tried with and without the 8300, and using http and https. Nothing changes

I did a netstat -a -b and I do not see anything listening on port 8300

I did see a service listening on localhost.49221. When I tried 49221 in the curl command, I did not get an error, but also got no response

I am using xampp 7.3.21-0 on mac. Tried openemr versions 5.0.2(4) and 6.0. I enabled the Rest API in admin|globals|connectors and logged out/on to openemr

The only changes I made to xampp were to get https working with a self-signed cert. I can access openemr via http or https

I am able to see appropriate results on the InternalApiTest.php page

Don’t see any errors in apache or php error logs

I saw the comments in a different thread about /apis/.htaccess directives being overwritten by apache conf file, and I tried making the changes to the Directory section in apache conf, but no effect.

I also can’t figure out where in the openemr code that port 8300 is specified

Any ideas why there does not seem to be anything listening on port 8300, or what else to try to get openemr responding to the various curl statements listed in the api documentation?

Thanks

Nilesh_Hake · August 14, 2021, 7:16am

Hi @hanksterr7,

Please use your url not the forum mentioned url and replace approrciated request and it get resolved your issue

adunsulag · August 14, 2021, 2:14pm

@hanksterr7

How did you install OpenEMR? That 8300 is the default port for the docker configuration of OpenEMR. You mentioned you are using xamp so what port is your xampp configured to run apache on? The defaults I believe are 80 and 443 so if you aren’t using the docker install and haven’t specifically overridden your apache LISTEN directive then OpenEMR should be running on the default ports.

Have you checked your apache access / error logs to figure out if the requests are even hitting the server?

hanksterr7 · August 14, 2021, 3:33pm

Oh I am such a dummy!
I added openemr to the url (since I normally open openemr in a browser via http://localhost/openemr) and removed the 8300 and it worked!
Thanks so much. Hope this helps someone else avoid hours of beating head on wall

hanksterr7 · August 14, 2021, 3:52pm

One suggestion, so others don’t make such dumb mistakes:
I got my info on how to use the api’s from this page

github.com

openemr/openemr/blob/master/API_README.md

# OpenEMR REST API Documentation

## Overview

Easy-to-use JSON-based REST API for OpenEMR. All code is done in classes and separate from the view to help with codebase modernization efforts. FHIR is also supported, see FHIR API documentation [here](FHIR_README.md)

## Implementation

REST API endpoints are defined in the [primary routes file](_rest_routes.inc.php). The routes file maps an external, addressable
endpoint to the OpenEMR controller which handles the request, and also handles the JSON data conversions.

```php
"POST /api/patient" => function () {
    RestConfig::authorization_check("patients", "demo");
    $data = (array) (json_decode(file_get_contents("php://input")));
    $return = (new PatientRestController())->post($data);
    RestConfig::apiLog($return, $data);
    return $return;
}
```

This file has been truncated. show original

All of the examples mention localhost:8300, and I didn’t see much obvious on that page that says the examples are tuned for the docker install
If the examples said
curl -X POST ‘http://[openemr root path]/apis/default/api/facility’
instead of
curl -X POST ‘http://localhost:8300/apis/default/api/facility’
that would have been much clearer

Similarly, in several threads (such as Cannot get API to work), I’ve seen @brady.miller give example api calls that specify localhost and a port and not add a comment such as “replace localhost:8300 with your domain name and path to the openemr root”. I know, that should be obvious, but there are lots of newbies diving into this
Thanks

adunsulag · August 14, 2021, 4:35pm

We appreciate the suggestion. If you’d like to make a code contribution via a code request on github to update the documentation that’d be awesome. A lot of us develop on the docker as we have to test on many different php versions and server configurations and the docker environments enable us to do so.

We’ll try to keep other environments in mind as we write documentation but we rely on a community of volunteers to make things better for everyone.

hanksterr7 · August 15, 2021, 11:38pm

So I am able to talk to the Rest API in openEMR v5 by getting a bearer token via apis/api/auth, and using the token in subsequent calls to the api

When I switch to openemr v6, this doesn’t work. I get an error saying
OpenEMR Error - api site error, so forced exit

I see that the api interactions are different in v6 vs v5. Just want to verify that what worked in v5 (that I described above) doesn’t work in v6, and I need to use a different authorization / authentication process, as described in this document. Correct?

Thanks

github.com

openemr/openemr/blob/master/API_README.md

# OpenEMR REST API Documentation

## Overview

Easy-to-use JSON-based REST API for OpenEMR. All code is done in classes and separate from the view to help with codebase modernization efforts. FHIR is also supported, see FHIR API documentation [here](FHIR_README.md)

## Implementation

REST API endpoints are defined in the [primary routes file](_rest_routes.inc.php). The routes file maps an external, addressable
endpoint to the OpenEMR controller which handles the request, and also handles the JSON data conversions.

```php
"POST /api/patient" => function () {
    RestConfig::authorization_check("patients", "demo");
    $data = (array) (json_decode(file_get_contents("php://input")));
    $return = (new PatientRestController())->post($data);
    RestConfig::apiLog($return, $data);
    return $return;
}
```

This file has been truncated. show original

Rachel_Ellison · August 16, 2021, 7:34am

There were some changes to authentication with the API as of version 6. It’s possible that the documentation you’re looking at was written for version 5.

The discussion on the changes here might be useful to you.

Thanks,

adunsulag · August 16, 2021, 2:05pm

So API authentication requires you to register an API client now as our APIs now follow the OAuth2 specification. You will need the updated documentation in V6 to register your api client and also to get back your access token. In addition to registration we now require that you specify the resource scopes you want access to as part of your authorization.

Once you’ve registered an API client you’ll be able to get bearer tokens using the password grant (note in the future we will allow OpenEMR servers to enable / disable what kinds of grants the server is allowed to use so be aware if you are writing an application for many different OpenEMR installations you will want to be able to support both the password_grant and the authorization_code grant). If your API is just for your own OpenEMR server then you should be good with continuing with the password_grant.

hanksterr7 · August 16, 2021, 3:43pm

Ok, thanks.
I got the Rest api to work, doing these steps below, all from a terminal window on mac, talking to openemr v6 running in xampp, via https using a locally signed cert (I list them so others might find this helpful)

I used the password grant as you mention

I see a way to get an updated refresh token via curl in a terminal window, once one has a refresh_token. But I don’t see a way to get an access_token or refresh_token via curl in a terminal window. The documentation mentions: “This is done by using an OAuth2 client”, so I assume there is no way to do this in a terminal window. Using the password grant works, but as is indicated, is “far less secure”. Good enough for my purposes.

steps:
– register my client session via
curl -X POST -k -H ‘Content-Type: application/json’ -i https://localhost/openemr/oauth2/default/registration --data ‘{
“application_type”: “private”,
“redirect_uris”:
[“https://localhost/callback”],
“client_name”: “A Private App”,
“token_endpoint_auth_method”: “client_secret_post”,
“contacts”: [“me@example.org”, “them@example.org”],
“scope”: “openid offline_access api:oemr api:fhir api:port user/patient.read”
}’

–Get a bearer token via a password grant using the client_id returned from the above call:
curl -X POST -k -H ‘Content-Type: application/x-www-form-urlencoded’
-i ‘https://localhost/openemr/oauth2/default/token’
–data ‘grant_type=password&client_id=[a client_id]&scope=openid%20offline_access%20api%3Aoemr%20api%3Afhir%20user%2Fpatient.read&user_role=users&username=[a usr name]&password=[a pswd]’

– get patients, using the returned access_token as the value of bearer token
curl -X GET ‘http://localhost/openemr/apis/default/api/patient’
-H ‘Authorization: Bearer [bearer token]’