API Keys - SirBitesalot/AvorionServerManager GitHub Wiki

For this guide the Web API should be set up correcctly.To test this start the http server (Server tab in the manager) open the Browser an open the Adress https://localhost:51234/AvorionServerManager/api/Server/ (replace the port if necessary) You should see this Info:

For the next step you need a Tool to send Http Requests. I used the Chrome App Postman. Postman link Send a get Request to the URL: https://localhost:51234/AvorionServerManager/api/AuthTest (Replace Port if necessary) The result should look like this:

We get the message that our request is not authorized. Some of the API functions are only available with authorization as they could be abused (like constantly shutting down the server or spamming broadcast chat messages) To authorize our requests we need an API Key to do this, go to the Settings Folder of the Manager and open the ApiKeys.txt File. Each API key must have its own line and should not contain spaces. An API key should not be too short and not easy to guess use an random string generator if you have problems to come up with a long enough key. After you added your key to the file go to the Tools Section in the Manager and click on Reload in the API Keys subsection. In this example the stupidly unsecure key "ExampleApiKey1234" is used please do not use this key or a similar easy to guess key.

Add your key as Authorization Header value. In Postman this will look like this.

Authorization is the Header Type. Apikey is the required identifier. This is followed by a space and then your apikey. If we now send a get request to the previous Url we get the response: Authorized

Now the API is completly set up. You can add as many API Keys you want and give them to Persons that should be able to control the server remotely.