Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor

  • Default (No Skin)
  • No Skin
Collapse

Cloudron Forum

Apps | Demo | Docs | Install

Vikunja API and Cloudron

Scheduled Pinned Locked Moved Vikunja
8 Posts 4 Posters 434 Views
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • colonelpanicC Offline
    colonelpanicC Offline
    colonelpanic
    wrote on last edited by
    #1

    I'd like to utilize the Vikunja API. However, it looks like all of the requests require JWT-Auth with the exception of calDAV requests. If I'm reading the API docs correctly then this would require Open ID Connect to utilize the API.

    Has anyone here been able to set this up? I believe Vikunja user management is currently handled by the app and it looks like we can configure Open ID in the config.yml — I assume changes made here would persist through upgrades?

    I found this forum topic on using Kopano Meet as an OIDC provider. This looks promising. Is anyone else using an app that is dedicated to authentication like Authelia or Keycloak on Cloudron?

    Lastly, would doing something like this require changing the CSP headers? This is where I start to get lost. 😉

    Thanks in advance for any input!

    girishG 2 Replies Last reply
    2
  • girishG Offline
    girishG Offline
    girish Staff
    replied to colonelpanic on last edited by
    #2

    @colonelpanic I think you have to call https://try.vikunja.io/api/v1/docs#tag/user/paths/~1login/post which will give you the JWT token that you can use in the Authentication header for future requests.

    colonelpanicC 1 Reply Last reply
    1
  • girishG Offline
    girishG Offline
    girish Staff
    replied to colonelpanic on last edited by
    #3

    @colonelpanic said in Vikunja API and Cloudron:

    Lastly, would doing something like this require changing the CSP headers? This is where I start to get lost.

    You can override the CSP from the Cloudron dashboard - https://docs.cloudron.io/apps/#custom-csp .

    1 Reply Last reply
    1
  • colonelpanicC Offline
    colonelpanicC Offline
    colonelpanic
    replied to girish on last edited by
    #4

    @girish - Oh geez. I feel like an idiot for missing that. Thanks for pointing it out! Now I just need to figure out the one time password portion. Thanks!

    Also, in regards to CSP. I know they can be edited there, I was just not sure if it would be necessary to add something if using OIDC. It is now irrelevant with the info you provided.

    Thanks again!

    girishG fbartelsF 2 Replies Last reply
    0
  • girishG Offline
    girishG Offline
    girish Staff
    replied to colonelpanic on last edited by
    #5

    @colonelpanic said in Vikunja API and Cloudron:

    Now I just need to figure out the one time password portion

    I think that's only if you have some TOTP configured?

    colonelpanicC 1 Reply Last reply
    0
  • fbartelsF Offline
    fbartelsF Offline
    fbartels App Dev
    replied to colonelpanic on last edited by
    #6

    @colonelpanic said in Vikunja API and Cloudron:

    if it would be necessary to add something if using OIDC

    No, generally this is not necessary. CSPs would need to be adapted if (maybe abstract example) you embed one app into another. But for oidc you usually redirect to another domain/service.

    1 Reply Last reply
    0
  • colonelpanicC Offline
    colonelpanicC Offline
    colonelpanic
    replied to girish on last edited by
    #7

    @girish, I am using a OTP with Vikunja—but I opted to create a new user and share only the lists I want to automate with that user. I think I'm good to go for now.

    @fbartels, thanks for confirming! I have more questions regarding CSP, but I'll try to do some research on my own and start a new topic in the correct category if needed.

    1 Reply Last reply
    1
  • kolaenteK Offline
    kolaenteK Offline
    kolaente
    wrote on last edited by
    #8

    Hi! (Vikunja dev here)

    As @girish correctly pointed out, you don't need to enable openid to use the api. In fact, when you're using the Vikunja Frontend or Desktop app it already uses the api. The login endpoint is your way to go to get the api token.

    I hope to build "classic" api tokens in the future you may know from other websites (like github) where you can create a long-lived token in the user settings and use it without a login.

    1 Reply Last reply
    4

  • Login

  • Don't have an account? Register

  • Login or register to search.
  • First post
    Last post
0
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Login

  • Don't have an account? Register

  • Login or register to search.