Unable to login using the OpenEMR REST API

system · September 14, 2013, 2:58pm

bikash4mgrmtech wrote on Saturday, September 14, 2013:

Hi all,

I am new to OpenEMR. I am just using the REST API from ‘http://github.com/medmasterpro/openemr’, but I am unable login using the REST API.
I have checked some other repo too (for REST API):-
https://github.com/medmasterpro/openemr-api
https://github.com/medmasterpro/api
GitHub - oemr501c3/openemr-api: Prototype API for OpenEMR - Contributed by Med Master Mobile. LLC to OEMR

I have dig into the code myself and found the problem is due to change in user password authentication scheme is changed.
‘users.password’ field is outdated and ‘users_secure.password’ & ‘users_secure.salt’ are used for login by clients using a web-browser.
So, I updated ‘login.php’ file for REST api login.

My question is , Is anybody already working on this issue? And if not where can I contribute my-patch as I have found 3 projects going on REST API.

Thanks in advance
Bikash Barman
HealthCareNirvana.Com

system · September 14, 2013, 6:39pm

bradymiller wrote on Saturday, September 14, 2013:

Hi,

Here is the ongoing review with most current github branch of that code:
http://www.open-emr.org/wiki/index.php/Medmasterpro_API_Review#Overview

So, suggest working off the code there and then submitting your patch to that repo via github:
https://github.com/medmasterpro/openemr

I have medmasterpro’s email somewhere in my box, so we can also email them to see if they are working on this ( send me an email to brady@sparmy.com ) also in case they miss this post.

This has been a huge code review, which is taking a long time (due to minimal resources of OpenEMR; medmasterpro has been great and is usually very fast to respond). Will be nice to get another developer involved to help move this project along.

-brady
OpenEMR

system · September 17, 2013, 7:18am

bikash4mgrmtech wrote on Tuesday, September 17, 2013:

Hi,

I have created a patch using git. ‘openemr-rest-api-login.patch’
I have an account in github.com ‘bikash4hcn · GitHub’

Now, how do I donate this patch to ‘https://github.com/medmasterpro/openemr’
Or, how do I communicate with medmasterpro

Anyway, I am attaching the patch with this post.

Thanks in advance
Bikash Barman
HealthCareNirvana.Com

system · September 19, 2013, 5:19pm

yehster wrote on Thursday, September 19, 2013:

I have added a simple function to allow validation of user id and password with the new password/salting scheme. This function will allow confirmation of password in other scenarios as well. (such as verification of password when "locking’ a note).

system · September 22, 2013, 5:55am

bradymiller wrote on Sunday, September 22, 2013:

Hi Bikash,

Just sent an email to Medmaster Pro folks and cc’s you on it. To get code into that repo, suggest placing it on your github repo in a separate branch and then doing a pull request on github:
http://help.github.com/articles/using-pull-requests

-brady
OpenEMR

system · June 23, 2015, 7:31am

ashutoshw007 wrote on Tuesday, June 23, 2015:

Hi Bikash,
I have the same issue with login.
Can you please tell me how to use your this patch for logging in to openemr.
I unable to find any helpful answers on the forum even.

cornelius80 · August 6, 2019, 9:45am

Hi Brady and all,

I am trying to test the APIs listed in the following:

github.com

openemr/openemr/blob/master/API_README.md

![img](./public/images/openemr-rest-api.png)

### Goal

This project aims to provide an easy-to-use JSON-based REST API for OpenEMR's most common functions. All code will be done in classes and separate from the view to help with codebase modernization efforts.

### Team

- [@matthewvita](https://github.com/matthewvita)
- [@sjpadgett](https://github.com/sjpadgett)
- [@juggernautsei](https://github.com/juggernautsei)
- [@kofiav](https://github.com/kofiav)
- [@bradymiller](https://github.com/bradymiller)

### Prerequsite
Enable this API service in OpenEMR menu: Administration->Globals->Connectors->"Enable OpenEMR REST API"

### Using API Internally
There are several ways to make API calls from an authorized session and maintain security:
* See the script at tests/api/InternalApiTest.php for examples of internal API use cases.

This file has been truncated. show original

However, I can’t seem to be able to obtain a correct response.

Can anyone advise me on this, please?

Regards,
Cornelius

brady.miller · August 7, 2019, 9:09am

Hi @cornelius80 ,

Here’s a couple commands I use on API as examples of use:

curl --insecure -X POST -H 'Content-Type: application/json' 'https://localhost:9082/apis/api/auth' \
-d '{
    "grant_type":"password",
    "username": "YDS-admin-31",
    "password": "YDS-admin-31",
    "scope":"default"
}'

curl --insecure -X GET 'https://localhost:9082/apis/api/facility' \
  -H 'Authorization: Bearer q52JwjcRadsPK7TuH46XR4XGXDufaUYq6f656d7264656661756c74'

curl --insecure -X GET 'https://localhost:9082/apis/api/patient' \
  -H 'Authorization: Bearer CtKejlZzaqBWCv3m5XElOq616t9RyrQH6f656d7264656661756c74'