API Login using Username and Password

Collapse
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • rmorgan
    Member
    • Feb 2019
    • 70
    #1

    API Login using Username and Password

    Hi, I have 2FA setup on my ESPOCRM system to ensure that it is secure as possible.

    I have a separate reports sever using python and Streamlit which uses the API to communicate to ESPOCRM. I am currently using the API key method for development purposes and it works fine, but when I release the code I would like for people to login using the same credentials as ESPOCRM so it looks like a single seamless application. I do not believe that this is possible using the username and password via the API due to TFA. Is there a way around this or have I got this incorrect?
    Tags: None
    • emillod
      Active Community Member
      • Apr 2017
      • 1536
      #2
      It's possible to generate API key in EspoCRM via GUI, it still seems seamless flow And it's even better, because user will not have to change their passwords in many places if they'll have to change password to EspoCRM.

        Comment

        • rmorgan
          Member
          • Feb 2019
          • 70
          #3
          Originally posted by emillod
          It's possible to generate API key in EspoCRM via GUI, it still seems seamless flow And it's even better, because user will not have to change their passwords in many places if they'll have to change password to EspoCRM.
          I don't follow what you are suggesting.

          My original thought was to login via API using their normal username and password but this doesnt seem to be supported due to TFA. My python app can use an API key once the user has been verified but I need to prove that it is secure. At the moment I think that I will have to setup a separate method independant to ESPOCRM where I can check credentials and then use the API Key method to talk to ESPOCRM once somebody has been verified.

            Comment

            • yuri
              EspoCRM product developer
              • Mar 2014
              • 9532
              #4
              It's possible with Basic Authentication. Everything that is possible via the UI, is possible via the API as Espo is a SPA. The frontend communicates with the backend via REST API.

              API overview - EspoCRM Documentation
              https://docs.espocrm.com/development/api/#basic-authentication
              If you find EspoCRM good, we would greatly appreciate if you could give the project a star on GitHub. We believe our work truly deserves more recognition. Thanks.

                Comment

                • rmorgan
                  Member
                  • Feb 2019
                  • 70
                  #5
                  Originally posted by yuri
                  It's possible with Basic Authentication. Everything that is possible via the UI, is possible via the API as Espo is a SPA. The frontend communicates with the backend via REST API.

                  https://docs.espocrm.com/development...authentication
                  But if I am correct, it is not possible with TFA setup?

                    Comment

                    • yuri
                      EspoCRM product developer
                      • Mar 2014
                      • 9532
                      #6
                      It's possible to authenticate with 2FA too. Everything that is possible via UI is possible via API.
                      If you find EspoCRM good, we would greatly appreciate if you could give the project a star on GitHub. We believe our work truly deserves more recognition. Thanks.

                        Comment

                        Previous template Next
                        Working...