API

Using API users

The API user type creates a user with a token and secret. This can be used to authenticate with the Pritunl Zero web console and any services. Below is example python code authenticating with the API.

import requests, time, uuid, hmac, hashlib, base64
BASE_URL = 'https://zero.example.com'
API_TOKEN = 'R5kegvHN9gnH1GO17wBenjXckircG055'
API_SECRET = 'fs1WLga5lq8hjEYo9uBrODMeviSRIkOj'

def auth_request(method, path, headers=None, data=None):
    auth_timestamp = str(int(time.time()))
    auth_nonce = uuid.uuid4().hex
    auth_string = '&'.join([API_TOKEN, auth_timestamp, auth_nonce,
        method.upper(), path])
    auth_signature = base64.b64encode(hmac.new(
        API_SECRET, auth_string, hashlib.sha512).digest())
    auth_headers = {
        'Pritunl-Zero-Token': API_TOKEN,
        'Pritunl-Zero-Timestamp': auth_timestamp,
        'Pritunl-Zero-Nonce': auth_nonce,
        'Pritunl-Zero-Signature': auth_signature,
    }
    if headers:
        auth_headers.update(headers)
    return getattr(requests, method.lower())(
        BASE_URL + path,
        verify=True,
        headers=auth_headers,
        data=data,
    )

print auth_request('GET', '/settings')