{"id":11,"date":"2021-09-16T05:56:58","date_gmt":"2021-09-16T05:56:58","guid":{"rendered":"http:\/\/6142da5c496bc700167e098a"},"modified":"2021-11-09T12:23:29","modified_gmt":"2021-11-09T12:23:29","slug":"complete-guide-on-how-to-configure-new-https-api-in-ucm63xx-and-generate-md5-hash-token","status":"publish","type":"post","link":"https:\/\/jazchye.com\/index.php\/2021\/09\/16\/complete-guide-on-how-to-configure-new-https-api-in-ucm63xx-and-generate-md5-hash-token\/","title":{"rendered":"Complete guide on how to configure new HTTPS API in UCM63XX (and generate MD5 hash token)"},"content":{"rendered":"<p>UCM63XX only supports the new HTTPS API Setting, and no longer supports the old HTTPS API Setting. Although <a href=\"https:\/\/www.grandstream.com\/hubfs\/Product_Documentation\/UCM_API_Guide.pdf?hsLang=en\">UCM API configuration<\/a> does show how to configure UCM API, some steps are skipped. I\u2019m sure those users who do not know to code will have a hard time getting the token or cookies.<\/p>\n<p>There are 2 steps in configuring CDR API in UCM63XX:<\/p>\n<p>1. Configure CDR API and HTTP Server in UCM<\/p>\n<p>2. Establish Connection and User Authentication<\/p>\n<ul>\n<li>Send a request to the UCM to get a challenge string<\/li>\n<li>Send a request to the UCM for Login<\/li>\n<li>Run your command to obtain your desired data<\/li>\n<\/ul>\n<p><strong>1. Configure CDR API and HTTP Server in UCM<\/strong><\/p>\n<p><strong>a. Enable CDR API<\/strong><\/p>\n<p>Go to UCM web UI &gt; Value-added Features &gt; API Configuration &gt; HTTPS API Settings (New) and check \u2018Enable\u2019. Key in the Username as \u2018cdrapi\u2019 and password. In my example here I will be using the password \u2018cdrapi123\u2019.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-51\" src=\"http:\/\/jazchye.com\/wp-content\/uploads\/2021\/10\/HTTPS_API_UCM63xx_1.jpg\" alt=\"\" width=\"1251\" height=\"572\" srcset=\"https:\/\/jazchye.com\/wp-content\/uploads\/2021\/10\/HTTPS_API_UCM63xx_1.jpg 1251w, https:\/\/jazchye.com\/wp-content\/uploads\/2021\/10\/HTTPS_API_UCM63xx_1-300x137.jpg 300w, https:\/\/jazchye.com\/wp-content\/uploads\/2021\/10\/HTTPS_API_UCM63xx_1-1024x468.jpg 1024w, https:\/\/jazchye.com\/wp-content\/uploads\/2021\/10\/HTTPS_API_UCM63xx_1-768x351.jpg 768w\" sizes=\"auto, (max-width: 1251px) 100vw, 1251px\" \/><\/p>\n<figure><\/figure>\n<p><strong>b. Whitelist your IP address in HTTP Server<\/strong><\/p>\n<p>Go to UCM web UI &gt; System Settings &gt; HTTP Server, and key in the IP address and subnet mask of the client device which you will be using to run HTTP request later under Permitted IP (s). Note that my HTTP server port here is 8089.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-52\" src=\"http:\/\/jazchye.com\/wp-content\/uploads\/2021\/10\/HTTPS_API_UCM63xx_2.jpg\" alt=\"\" width=\"1417\" height=\"615\" srcset=\"https:\/\/jazchye.com\/wp-content\/uploads\/2021\/10\/HTTPS_API_UCM63xx_2.jpg 1417w, https:\/\/jazchye.com\/wp-content\/uploads\/2021\/10\/HTTPS_API_UCM63xx_2-300x130.jpg 300w, https:\/\/jazchye.com\/wp-content\/uploads\/2021\/10\/HTTPS_API_UCM63xx_2-1024x444.jpg 1024w, https:\/\/jazchye.com\/wp-content\/uploads\/2021\/10\/HTTPS_API_UCM63xx_2-768x333.jpg 768w\" sizes=\"auto, (max-width: 1417px) 100vw, 1417px\" \/><\/p>\n<figure><\/figure>\n<p><strong>2. Establish Connection and User Authentication<\/strong><\/p>\n<p><strong>a. Send a request to the UCM to get a Challenge string<\/strong><\/p>\n<p>To proceed with this step, you will need an API platform. I have been using Postman for quite a while (as you can see in all of my previous API guides), and it is working well for me. If you would like to download, here is a <a href=\"https:\/\/www.postman.com\/downloads\/?lang=ar\/page\/2page\/30page\/2page\/3page\/2page\/30page\/30page\/30page\/3page\/3&amp;hubs_signup-cta=careers-nav-homepage&amp;q=marketing+predictions&amp;__hstc=259582869.c4a577029c49e44b73bd3bee6fa38565.1585440000593.1585440000594.1585440000595.1&amp;__hssc=259582869.1.1585440000596&amp;__hsfp=3071927421\">link<\/a> to download.<\/p>\n<p>You need to understand that HTTP authentication is based on request\/response protocol. In this case, we will run a Challenge request on POSTMAN, which will parse this request to the UCM server. If the request succeeds, UCM will respond with a Challenge string with the status \u20180\u2019.<\/p>\n<p>Do a POST request in Postman, with the URL format as &#8211;<\/p>\n<pre><code>https:\/\/:\/api<\/code><\/pre>\n<p>E.g. <a href=\"https:\/\/192.168.0.174:8089\/api\">https:\/\/192.168.0.174:8089\/api<\/a><\/p>\n<p>You do not need to key in any Params manually. Just go to Body, select raw (JSON), and paste the following request \u2013<\/p>\n<pre><code>{\n \"request\":{\n \"action\":\"challenge\",\n \"user\":\"cdrapi\",\n \"version\":\"1.2\"\n }\n}<\/code><\/pre>\n<p>It should look like this. Click on Send.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-53\" src=\"http:\/\/jazchye.com\/wp-content\/uploads\/2021\/10\/HTTPS_API_UCM63xx_3.jpg\" alt=\"\" width=\"784\" height=\"419\" srcset=\"https:\/\/jazchye.com\/wp-content\/uploads\/2021\/10\/HTTPS_API_UCM63xx_3.jpg 784w, https:\/\/jazchye.com\/wp-content\/uploads\/2021\/10\/HTTPS_API_UCM63xx_3-300x160.jpg 300w, https:\/\/jazchye.com\/wp-content\/uploads\/2021\/10\/HTTPS_API_UCM63xx_3-768x410.jpg 768w\" sizes=\"auto, (max-width: 784px) 100vw, 784px\" \/><\/p>\n<figure><\/figure>\n<p>You will get a response with a challenge string back, similar to the image below. This challenge string is crucial for the next step.<\/p>\n<p><strong>b. Send a request to the UCM for Login<\/strong><\/p>\n<p>To send a request to the UCM for login, you will need a token computed from the MD5 hash which consists of the challenge string and the user password. This is where things get tricky. The manual guide <strong>DOES NOT<\/strong> teach you how to get the token, assuming that you have a certain level of knowledge in coding.<\/p>\n<p>In order to get the token, I have written a simple script for <a href=\"https:\/\/www.python.org\/downloads\/\">Python 3.9<\/a> which will generate the token.<\/p>\n<pre><code>import hashlib\nchallenge = '0000000891268968'\nsalt = \"cdrapi123\"\ndb_password = challenge+salt\nh = hashlib.md5(db_password.encode())\nprint(h.hexdigest())<\/code><\/pre>\n<p>Replace the challenge string above with your challenge string generated from step 2(a), and run them in Python. You will get an MD5 hash string.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-54\" src=\"http:\/\/jazchye.com\/wp-content\/uploads\/2021\/10\/HTTPS_API_UCM63xx_4.jpg\" alt=\"\" width=\"919\" height=\"259\" srcset=\"https:\/\/jazchye.com\/wp-content\/uploads\/2021\/10\/HTTPS_API_UCM63xx_4.jpg 919w, https:\/\/jazchye.com\/wp-content\/uploads\/2021\/10\/HTTPS_API_UCM63xx_4-300x85.jpg 300w, https:\/\/jazchye.com\/wp-content\/uploads\/2021\/10\/HTTPS_API_UCM63xx_4-768x216.jpg 768w\" sizes=\"auto, (max-width: 919px) 100vw, 919px\" \/><\/p>\n<figure><\/figure>\n<p>With this MD5 hash string, you can now run the following POST request in the POSTMAN. Make sure that you have replaced the token string with theMD5 string which you get from running the Python script above, and replace the URL to \u201chttps:\/\/:\u201d<\/p>\n<pre><code>{\n \"request\":{\n \"action\":\"login\",\n \"token\":\"f6cbb7818d08cbcd09549a382a3f14f9\",\n \"url\":\"http:\/\/192.168.0.174:8089\",\n \"user\":\"cdrapi\"\n }\n}<\/code><\/pre>\n<figure><\/figure>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-55\" src=\"http:\/\/jazchye.com\/wp-content\/uploads\/2021\/10\/HTTPS_API_UCM63xx_5.jpg\" alt=\"\" width=\"836\" height=\"404\" srcset=\"https:\/\/jazchye.com\/wp-content\/uploads\/2021\/10\/HTTPS_API_UCM63xx_5.jpg 836w, https:\/\/jazchye.com\/wp-content\/uploads\/2021\/10\/HTTPS_API_UCM63xx_5-300x145.jpg 300w, https:\/\/jazchye.com\/wp-content\/uploads\/2021\/10\/HTTPS_API_UCM63xx_5-768x371.jpg 768w\" sizes=\"auto, (max-width: 836px) 100vw, 836px\" \/><\/p>\n<p>UCM should respond with the cookie string. This cookie is required for all of the API requests you will run in step 2(c). Note that the cookie times out in 10 minutes.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-56\" src=\"http:\/\/jazchye.com\/wp-content\/uploads\/2021\/10\/HTTPS_API_UCM63xx_6.jpg\" alt=\"\" width=\"542\" height=\"261\" srcset=\"https:\/\/jazchye.com\/wp-content\/uploads\/2021\/10\/HTTPS_API_UCM63xx_6.jpg 542w, https:\/\/jazchye.com\/wp-content\/uploads\/2021\/10\/HTTPS_API_UCM63xx_6-300x144.jpg 300w\" sizes=\"auto, (max-width: 542px) 100vw, 542px\" \/><\/p>\n<figure><\/figure>\n<p><strong>c. Run your command to obtain your desired data<\/strong><\/p>\n<p>Here, I will be sending a request to get all the CDR records from the CDR database. Run the following request in POSTMAN, and make sure the cookie field contains the cookie string from 2(b).<\/p>\n<pre><code>{\"request\":{\n \"action\":\"cdrapi\",\n \"cookie\":\"sid343158721-1620280910\",\n \"format\":\"json\"\n }\n}<\/code><\/pre>\n<figure><\/figure>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-57\" src=\"http:\/\/jazchye.com\/wp-content\/uploads\/2021\/10\/HTTPS_API_UCM63xx_7.jpg\" alt=\"\" width=\"780\" height=\"322\" srcset=\"https:\/\/jazchye.com\/wp-content\/uploads\/2021\/10\/HTTPS_API_UCM63xx_7.jpg 780w, https:\/\/jazchye.com\/wp-content\/uploads\/2021\/10\/HTTPS_API_UCM63xx_7-300x124.jpg 300w, https:\/\/jazchye.com\/wp-content\/uploads\/2021\/10\/HTTPS_API_UCM63xx_7-768x317.jpg 768w\" sizes=\"auto, (max-width: 780px) 100vw, 780px\" \/><\/p>\n<p>The output should be the CDR records in JSON format. For more parameters, you may refer back to <a href=\"https:\/\/www.grandstream.com\/hubfs\/Product_Documentation\/UCM_API_Guide.pdf?hsLang=en\">UCM API Guide<\/a>.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-58\" src=\"http:\/\/jazchye.com\/wp-content\/uploads\/2021\/10\/HTTPS_API_UCM63xx_8.jpg\" alt=\"\" width=\"979\" height=\"777\" srcset=\"https:\/\/jazchye.com\/wp-content\/uploads\/2021\/10\/HTTPS_API_UCM63xx_8.jpg 979w, https:\/\/jazchye.com\/wp-content\/uploads\/2021\/10\/HTTPS_API_UCM63xx_8-300x238.jpg 300w, https:\/\/jazchye.com\/wp-content\/uploads\/2021\/10\/HTTPS_API_UCM63xx_8-768x610.jpg 768w\" sizes=\"auto, (max-width: 979px) 100vw, 979px\" \/><\/p>\n<figure><\/figure>\n","protected":false},"excerpt":{"rendered":"<p>UCM63XX only supports the new HTTPS API Setting, and no longer supports the old HTTPS API Setting. Although UCM API configuration does show how to&hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[7,6,4,9],"tags":[],"class_list":["post-11","post","type-post","status-publish","format-standard","hentry","category-api","category-how-to","category-ippbx","category-sip"],"_links":{"self":[{"href":"https:\/\/jazchye.com\/index.php\/wp-json\/wp\/v2\/posts\/11","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/jazchye.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jazchye.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/jazchye.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/jazchye.com\/index.php\/wp-json\/wp\/v2\/comments?post=11"}],"version-history":[{"count":2,"href":"https:\/\/jazchye.com\/index.php\/wp-json\/wp\/v2\/posts\/11\/revisions"}],"predecessor-version":[{"id":155,"href":"https:\/\/jazchye.com\/index.php\/wp-json\/wp\/v2\/posts\/11\/revisions\/155"}],"wp:attachment":[{"href":"https:\/\/jazchye.com\/index.php\/wp-json\/wp\/v2\/media?parent=11"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jazchye.com\/index.php\/wp-json\/wp\/v2\/categories?post=11"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jazchye.com\/index.php\/wp-json\/wp\/v2\/tags?post=11"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}