MAAS REST API with Candid

jverhave · 7 December 2023 12:51

Hi,

Could use some help with how to interact with the Maas API after the integration of Candid. It seems that we are unable to use the default method with the api key to make certain calls to Maas since we implemented Candid into our setup.

When execution a api call (with Python, by using the method described in the docs) to Maas we’re receiving the following error: "Unrecognised signature: method=GET "

Thanks!

r00ta · 7 December 2023 13:17

Hi @jverhave ,

With or without candid the way to make http calls to MAAS is the same. However, did you generate a new apikey since you integrated with Candid?

jverhave · 7 December 2023 13:32

Hi @r00ta

I’ve deleted the old key, re-generated a new api key but it didnt work. I’m still getting the unrecognised error.

To be sure, I assume that this is the correct way to configure Candid into Maas?

maas configauth --rbac-url '' --candid-agent-file /var/snap/candid/current/admin.keys --candid-domain '' --candid-admin-group admin

r00ta · 7 December 2023 13:40

depends on the content of /var/snap/candid/current/admin.keys. If you can redact the secrets, can you paste it here?

Also, I’d check in the maas logs if is there any exception that can give you an hint on a possible misconfiguration

jverhave · 7 December 2023 13:52

@r00ta

yeah sure, we’re still in testing fase

{
  "key": {
    "public": "XCzypQ4NGtejRGmNGeEsLyMGkznouO3+4MJQkYr3AkA=",
    "private": "XAb0CbVpuPN0OaCRqE0ld3CsldjWiNLrsgaABMmzRSE="},
  "agents": [
    {
      "url": "http://maas.xxx:8081",
      "username": "admin@candid"
    }
  ]
}

And the regiond logs gives me the following message:

2023-12-07 13:46:32 regiond: [info] 127.0.0.1 POST /MAAS/api/2.0/machines/ HTTP/1.1 --> 400 BAD_REQUEST (referrer: -; agent: python-requests/2.25.1)
2023-12-07 13:46:32 regiond: [info] 127.0.0.1 GET /MAAS/api/2.0/machines/ HTTP/1.1 --> 400 BAD_REQUEST (referrer: -; agent: python-requests/2.25.1)
2023-12-07 13:46:32 regiond: [info] 127.0.0.1 DELETE /MAAS/api/2.0/machines/ HTTP/1.1 --> 401 UNAUTHORIZED (referrer: -; agent: python-requests/2.25.1)

jverhave · 7 December 2023 13:54

Also is there something that I need to align with the Maas admin users and Candid? Maybe I’ve missed something since there is not a lot of documentation of it.

r00ta · 7 December 2023 17:20

If I’m not wrong, you have to use the apikey of a valid user in Candid

jverhave · 8 December 2023 07:33

Meaning? I need to retrieve the api key from a candid users, and paste those into the admin keys? If so And how should I do that? How can I retrieve those keys from a candid user?

r00ta · 8 December 2023 08:04

Open the UI and you will be redirected to Candid. Login with a valid user and extract the apikey from the UI or from the cli using sudo Maas apikey --username your_username

jverhave · 8 December 2023 09:21

@r00ta , yes that seems to work, thanks a lot for your help!!

r00ta · 8 December 2023 10:16

Anytime! Happy to help