Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Search
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor

  • Default (No Skin)
  • No Skin
Collapse
Brand Logo

Cloudron Forum

Apps | Demo | Docs | Install
  1. Cloudron Forum
  2. Vikunja
  3. Vikunja API and Cloudron

Vikunja API and Cloudron

Scheduled Pinned Locked Moved Vikunja
8 Posts 4 Posters 1.6k Views 4 Watching
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • colonelpanicC Offline
      colonelpanicC Offline
      colonelpanic
      wrote on last edited by
      #1

      I'd like to utilize the Vikunja API. However, it looks like all of the requests require JWT-Auth with the exception of calDAV requests. If I'm reading the API docs correctly then this would require Open ID Connect to utilize the API.

      Has anyone here been able to set this up? I believe Vikunja user management is currently handled by the app and it looks like we can configure Open ID in the config.yml — I assume changes made here would persist through upgrades?

      I found this forum topic on using Kopano Meet as an OIDC provider. This looks promising. Is anyone else using an app that is dedicated to authentication like Authelia or Keycloak on Cloudron?

      Lastly, would doing something like this require changing the CSP headers? This is where I start to get lost. 😉

      Thanks in advance for any input!

      girishG 2 Replies Last reply
      2
      • colonelpanicC colonelpanic

        I'd like to utilize the Vikunja API. However, it looks like all of the requests require JWT-Auth with the exception of calDAV requests. If I'm reading the API docs correctly then this would require Open ID Connect to utilize the API.

        Has anyone here been able to set this up? I believe Vikunja user management is currently handled by the app and it looks like we can configure Open ID in the config.yml — I assume changes made here would persist through upgrades?

        I found this forum topic on using Kopano Meet as an OIDC provider. This looks promising. Is anyone else using an app that is dedicated to authentication like Authelia or Keycloak on Cloudron?

        Lastly, would doing something like this require changing the CSP headers? This is where I start to get lost. 😉

        Thanks in advance for any input!

        girishG Offline
        girishG Offline
        girish
        Staff
        wrote on last edited by
        #2

        @colonelpanic I think you have to call https://try.vikunja.io/api/v1/docs#tag/user/paths/~1login/post which will give you the JWT token that you can use in the Authentication header for future requests.

        colonelpanicC 1 Reply Last reply
        1
        • colonelpanicC colonelpanic

          I'd like to utilize the Vikunja API. However, it looks like all of the requests require JWT-Auth with the exception of calDAV requests. If I'm reading the API docs correctly then this would require Open ID Connect to utilize the API.

          Has anyone here been able to set this up? I believe Vikunja user management is currently handled by the app and it looks like we can configure Open ID in the config.yml — I assume changes made here would persist through upgrades?

          I found this forum topic on using Kopano Meet as an OIDC provider. This looks promising. Is anyone else using an app that is dedicated to authentication like Authelia or Keycloak on Cloudron?

          Lastly, would doing something like this require changing the CSP headers? This is where I start to get lost. 😉

          Thanks in advance for any input!

          girishG Offline
          girishG Offline
          girish
          Staff
          wrote on last edited by
          #3

          @colonelpanic said in Vikunja API and Cloudron:

          Lastly, would doing something like this require changing the CSP headers? This is where I start to get lost.

          You can override the CSP from the Cloudron dashboard - https://docs.cloudron.io/apps/#custom-csp .

          1 Reply Last reply
          1
          • girishG girish

            @colonelpanic I think you have to call https://try.vikunja.io/api/v1/docs#tag/user/paths/~1login/post which will give you the JWT token that you can use in the Authentication header for future requests.

            colonelpanicC Offline
            colonelpanicC Offline
            colonelpanic
            wrote on last edited by
            #4

            @girish - Oh geez. I feel like an idiot for missing that. Thanks for pointing it out! Now I just need to figure out the one time password portion. Thanks!

            Also, in regards to CSP. I know they can be edited there, I was just not sure if it would be necessary to add something if using OIDC. It is now irrelevant with the info you provided.

            Thanks again!

            girishG fbartelsF 2 Replies Last reply
            0
            • colonelpanicC colonelpanic

              @girish - Oh geez. I feel like an idiot for missing that. Thanks for pointing it out! Now I just need to figure out the one time password portion. Thanks!

              Also, in regards to CSP. I know they can be edited there, I was just not sure if it would be necessary to add something if using OIDC. It is now irrelevant with the info you provided.

              Thanks again!

              girishG Offline
              girishG Offline
              girish
              Staff
              wrote on last edited by
              #5

              @colonelpanic said in Vikunja API and Cloudron:

              Now I just need to figure out the one time password portion

              I think that's only if you have some TOTP configured?

              colonelpanicC 1 Reply Last reply
              0
              • colonelpanicC colonelpanic

                @girish - Oh geez. I feel like an idiot for missing that. Thanks for pointing it out! Now I just need to figure out the one time password portion. Thanks!

                Also, in regards to CSP. I know they can be edited there, I was just not sure if it would be necessary to add something if using OIDC. It is now irrelevant with the info you provided.

                Thanks again!

                fbartelsF Offline
                fbartelsF Offline
                fbartels
                App Dev
                wrote on last edited by
                #6

                @colonelpanic said in Vikunja API and Cloudron:

                if it would be necessary to add something if using OIDC

                No, generally this is not necessary. CSPs would need to be adapted if (maybe abstract example) you embed one app into another. But for oidc you usually redirect to another domain/service.

                1 Reply Last reply
                0
                • girishG girish

                  @colonelpanic said in Vikunja API and Cloudron:

                  Now I just need to figure out the one time password portion

                  I think that's only if you have some TOTP configured?

                  colonelpanicC Offline
                  colonelpanicC Offline
                  colonelpanic
                  wrote on last edited by
                  #7

                  @girish, I am using a OTP with Vikunja—but I opted to create a new user and share only the lists I want to automate with that user. I think I'm good to go for now.

                  @fbartels, thanks for confirming! I have more questions regarding CSP, but I'll try to do some research on my own and start a new topic in the correct category if needed.

                  1 Reply Last reply
                  1
                  • kolaenteK Offline
                    kolaenteK Offline
                    kolaente
                    wrote on last edited by
                    #8

                    Hi! (Vikunja dev here)

                    As @girish correctly pointed out, you don't need to enable openid to use the api. In fact, when you're using the Vikunja Frontend or Desktop app it already uses the api. The login endpoint is your way to go to get the api token.

                    I hope to build "classic" api tokens in the future you may know from other websites (like github) where you can create a long-lived token in the user settings and use it without a login.

                    1 Reply Last reply
                    4
                    Reply
                    • Reply as topic
                    Log in to reply
                    • Oldest to Newest
                    • Newest to Oldest
                    • Most Votes


                      • Login

                      • Don't have an account? Register

                      • Login or register to search.
                      • First post
                        Last post
                      0
                      • Categories
                      • Recent
                      • Tags
                      • Popular
                      • Bookmarks
                      • Search