Lockbox creation via API

bw908 · November 21, 2022, 6:41pm

Are there plans to allow definition of lockboxes via platform API?

I cannot find any information on this and the current process (having to define it via the web interface) is not desirable in the long term when we wish to automate this process via CI system wherein the build
knows which components (compose, OS) should go into the lockbox as part of a build chain dependency.

jeremias.tx · November 21, 2022, 8:27pm

Greetings @bw908,

There is API available to interact with our platform however it is still somewhat not public. When I say not “public” I mean in the sense that it is mostly undocumented as the team is still working on polishing the API for public use. That said the actual API endpoints are publicly accessible if you know what they are.

The endpoint for Lockbox creation is “tentatively” documented here: API Docs | Toradex Developer Center

You’ll need to know the backend names and information of the packages that are to be included in the Lockbox. For authorization you’ll need a token that you can get from defining an API client in the Web UI.

Here’s an example of getting such a token:

CLIENT_ID=<API CLIENT>
CLIENT_SECRET=<CLIENT SECRET>
TOKEN_URL="https://kc.torizon.io/auth/realms/ota-users/protocol/openid-connect/token"

# Token produced here is usable for all API endpoints.
# Token expires after 7 days.
TOKEN=$(curl $TOKEN_URL \
 -d client_id=$CLIENT_ID \
 -d client_secret=$CLIENT_SECRET \
 -d grant_type=client_credentials | jq -r .access_token)

Once you have that you can use it to make a call to an API like so:

curl --max-time 30  -H "Authorization: Bearer ${TOKEN}" "<API ENDPOINT HERE>"

That said keep in mind that our API is still not 100% polished and ready for public use so some issues/difficulties are somewhat expected. Though we are planning to make it ready for public use.

Best Regards,
Jeremias

bw908 · November 21, 2022, 8:28pm

Fantastic, thanks. I’ll have a look at this now!

Rough around the edges is fine for now since I’m in the process of setting up the infrastructure and we are not yet at a state where it will be needed in a production context.

jeremias.tx · November 22, 2022, 12:17am

Glad I could help provide some direction at least.

bw908 · April 11, 2023, 6:40pm

Hi @jeremias.tx,

Is there a field that can be used to set the expiry of such a created lockbox? I do not see it defined and attempting to simply add “expires” as a json key wasn’t successful - while not rejected by the server, it still defaults to 1 year.

Thanks!

jeremias.tx · April 11, 2023, 7:42pm

What exactly are you trying to send as the API request here?

Also I asked our server team and they suggested to try expiresAt instead of expires.

Best Regards,
Jeremias

bw908 · April 12, 2023, 1:15pm

Thanks - expiresAt did the trick. (I was going off the notes for the GET endpoints which will return expires.)

jeremias.tx · April 12, 2023, 7:43pm

Great glad to hear it works!