OpenProject API authentication using account username and password


Is it possible to make authenticated requests to the OpenProject API using the admin account username and password? I am currently trying Basic Authentication using the username and password, but an invalid credentials error is received. Any help would be appreciated! Thanks!

Edit: I tried as mentioned in the answer. This is what I did: changed the configuration.yml file as given:

default:

      rails_cache_store: <%= ENV.fetch('RAILS_CACHE_STORE') { :memcache }.to_sym %>
      session_store: <%= ENV.fetch('SESSION_STORE') { :cache_store }.to_sym %>
      email_delivery_method: <%= ENV.fetch('EMAIL_DELIVERY_METHOD') { :sendmail } %>
      smtp_address: <%= ENV['SMTP_HOST'] %>
      smtp_port: <%= ENV.fetch('SMTP_PORT') { 25 }.to_i %>
      smtp_domain: <%= ENV.fetch('SMTP_DOMAIN') { ENV['HOSTNAME'] } %>
      smtp_authentication: <%= ENV.fetch('SMTP_AUTHENTICATION') { :login }.to_sym %>
      smtp_user_name: <%= ENV['SMTP_USERNAME'] %>
      smtp_password: <%= ENV['SMTP_PASSWORD'] %>
      smtp_enable_starttls_auto: <%= ENV.fetch('SMTP_ENABLE_STARTTLS_AUTO') { "false" } %>
      attachments_storage_path: <%= ENV.fetch('ATTACHMENTS_STORAGE_PATH') { "/var/db/_APP_NAME_/files" } %>
      global_basic_auth:
         user: admin
         password: admin

Then I made a basic auth API call with username and password both admin. But still the authentication didn't work. Should there be any other headers to be included?


There are 1 answers

ulferts On BEST ANSWER

The statement in the configuration.yml should read:

default:
  ...other configuration params...
  authentication:
    global_basic_auth:
      user: admin
      password: admin

The authentication-key is missing.

Once you have defined credentials in the configuration.yml correctly, which will grant admin privileges, you should be able to issue calls against the API using basic auth, e.g.: curl -u admin:admin http://localhost:3000/api/v3/users. Bear in mind that, when using the -u option, curl already transforms the HTTP header value correctly (Authorization: Basic YWRtaW46YWRtaW4= in this example). If you use anything other than curl, please ensure that the client sends the header value with username:password Base64-encoded.

Please note that you also have the option to define an API key per user, as described by the documentation. Doing this, you can control the access rights of the user, from granting him admin permissions to only limited permissions inside a specific project.
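The check below is an added example, not code from the answer or from OpenProject: it renders and parses two constructed sample files (the question's layout and the answer's), reports whether global_basic_auth sits under the authentication key, and builds the header a non-curl client has to send. The helper names are hypothetical, and the lookup path default -> authentication -> global_basic_auth is assumed from the answer.

```ruby
require "erb"
require "yaml"

# Constructed sample: the question's layout (global_basic_auth directly under default).
QUESTION_CONFIG = <<~YML
  default:
    smtp_port: <%= ENV.fetch('SMTP_PORT') { 25 }.to_i %>
    global_basic_auth:
      user: admin
      password: admin
YML

# Constructed sample: the answer's layout (nested under authentication).
ANSWER_CONFIG = <<~YML
  default:
    smtp_port: <%= ENV.fetch('SMTP_PORT') { 25 }.to_i %>
    authentication:
      global_basic_auth:
        user: admin
        password: admin
YML

# The file mixes ERB tags and YAML, so render the ERB first, then parse.
def load_config(text)
  YAML.safe_load(ERB.new(text).result)
end

# Return the credentials only when they sit at
# <env> -> authentication -> global_basic_auth (path assumed from the answer).
def global_basic_auth(config, env = "default")
  creds = config.dig(env, "authentication", "global_basic_auth")
  creds if creds.is_a?(Hash) && creds["user"] && creds["password"]
end

# True when the block exists directly under <env> but not at the expected path.
def misplaced?(config, env = "default")
  (config[env] || {}).key?("global_basic_auth") && global_basic_auth(config, env).nil?
end

# Header value for clients other than curl: "Basic " + base64("user:password").
# pack("m0") is Base64 without line breaks.
def basic_auth_header(creds)
  "Basic " + ["#{creds['user']}:#{creds['password']}"].pack("m0")
end
```
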