OpenRport Docs
GITHUB
  • OpenRPort Knowledge Base
  • 👀WHAT IS RPORT
    • Features and benefits of RPort
      • Full feature list
    • Screenshots
  • 🚀GETTING STARTED
    • Install the RPort Server
      • Install on-premises
      • Install RPort on any virgin cloud VM
      • Enable two factor authentication
        • Use push on mobile for 2FA
        • Use TOTP
    • Connecting Clients
    • Using the remote access
      • Creating tunnels
        • VNC via browser
      • RDP via Browser
      • Open SSH from the browser
      • Scp,sftp through a tunnel
    • Renaming and tagging of clients
    • Organize clients with groups
    • Activate the vault
    • Manage users and permissions
  • 🗣️NEED HELP?
    • Troubleshoot common problems
      • Restart rport through a tunnel
      • Attributes file path not set
      • Recover lost passwords
      • Client is not connecting
      • Id is already in use
  • 🔦DIGGING DEEPER
    • Using the API
      • Create client credentials
    • RPort Technology Explained
    • Commands and Scripts
      • Executing commands
      • Executing scripts
      • Tacoscript
    • The scheduler
    • File copy and reception
    • Client Configuration Options
      • Supervision of OS updates
      • Script and command execution
    • Advanced client management
      • Install the RPort client manually
      • Uninstall the RPort client
      • Run with SELinux
    • Server Maintenance
      • Monitoring of RPortd
      • Updating RPort
      • Backing up the rport server
      • Renewing certificates
    • FAQ
      • How to use Cloudflare
Powered by GitBook
On this page
  • Preparation
  • Generate client credentials on Windows with PowerShell
  • Generate client credentials on Linux with bash
  1. DIGGING DEEPER
  2. Using the API

Create client credentials

For mass-deployment

PreviousUsing the APINextRPort Technology Explained

Last updated 1 year ago

Preparation

For a mass deployment of clients, where each client shall use its own client_id and password, proceed as follows:

  1. Generate an API key with scope clients-auth.

  2. Go to client access and generate a pairing script for any of the clients.

  3. Download the bash or PowerShell script to your desktop, but don't execute it.

  4. Open the scripts with an editor and go to the line where variables CLIENT_ID / $client_id and PASSWORD / $password are defined.

  5. Delete the lines and replace with the below snippets. Each time you execute the script, new client credentials are created via an API call.

  6. Now copy this script to new clients and execute.

On Linux
On Windows

Generate client credentials on Windows with PowerShell

#
# Create new client credentials
#
$apiToken = "xxxxx_b4306692-389c-4f4b-8c3c-50638ef07086" # Use token with 'clients-auth' scope
$apiUrl = "https://rport.example.com:443/api/v1/clients-auth"
$apiUser = "john"

$password = (-join ((48..57) + (97..122) | Get-Random -Count 14 | % {[char]$_}))
$client_id = $env:computername
$body = @{
    id=$client_id
    password=$password
}
$json = $body|ConvertTo-Json
$base64AuthInfo = [Convert]::ToBase64String([Text.Encoding]::ASCII.GetBytes(("{0}:{1}" -f $apiUser,$apiToken)))
Invoke-RestMethod -Uri $apiUrl -Headers @{Authorization = "Basic $base64AuthInfo"} -Method Post -Body $json -ContentType 'application/json'

Generate client credentials on Linux with bash

API_TOKEN="xxxxx_8fdef130-6597-4522-ae67-62feabfcf05d"
API_USER="john"
API_URL="https://rport.example.com:443/api/v1/clients-auth"

PASSWORD=$(openssl rand -hex 10)
CLIENT_ID=$(hostname -f)  # or use /etc/machine-id
BODY="{
    \"id\":\"${CLIENT_ID}\",
    \"password\":\"${PASSWORD}\"
}"
curl -fsu ${API_USER}:${API_TOKEN} ${API_URL} -H "Content-Type: application/json" -d "${BODY}"
🔦
Generate client credentials on Linux