At my day job, we use NinjaRMM for managing our client’s computers. I’ve been using Postman for a while to test API calls before coding anything. One really bleeping frustrating thing about the NinjaRMM API is how they decided to make authentication completely un-normal,
First setup a couple of global variables:
Now to add the code to the “Pre-request Script” tab:
var privateKey = postman.getEnvironmentVariable('ninja_private_key');
var requestDateTime = new Date().toUTCString();
var path = request.url.substr( request.url.indexOf('.com/') + 4 );
postman.setGlobalVariable('ninja_date', requestDateTime);
postman.setGlobalVariable('ninja_signature', getSignature(privateKey, getStringToSign('GET', '', '', requestDateTime, path)));
function getStringToSign(httpMethod, contentMD5, contentType, requestDateTime, canonicalPath) {
return httpMethod+"\n"+contentMD5+"\n"+contentType+"\n"+requestDateTime+"\n"+canonicalPath;
}
function getSignature(secretAccessKey, stringToSign) {
var encodedString = base64_encode(stringToSign);
var signature = CryptoJS.HmacSHA1(encodedString, secretAccessKey);
return signature.toString(CryptoJS.enc.Base64);
}
function base64_encode( str ) {
return btoa(unescape(encodeURIComponent( str )));
}
After that is setup you could be able to use Postman to test the API.
Guy
January 5, 2019 at 1:24 amHi Drew,
thanks a lot, this helped me to fix my implementation in Python…
keep up to good posts 🙂
cheers
Guy
Parker
August 14, 2019 at 7:29 amHey Drew,
Thank you for this great resource. The company I am working at also uses NinjaRMM for managing clients. I was working with Postman to test Ninja’s API and was having trouble until I came across this post. I’m still receiving a invalid authorization header error. The version of Postman that I have does support AWS Signature Authorization, but the syntax for the Authorization header Postman uses is not the same as the syntax from Ninja’s API documentation (Authorization: NJ AccessKeyId:Signature). Since the signature is dynamic, I can’t just copy/paste it from the global variables. I could be wrong, but I don’t think header values can be set to global variables either.
If you have any insight or suggestions, it would be greatly appreciated.
Thanks,
Parker
Ryan
April 25, 2020 at 7:22 pmParker, I think I am having the same problem. Can you explain how you solved this? After using this script I still get the missing headers error message. Can someone explain what else needs to be done in Postman along with this script? Thanks
Parker
August 14, 2019 at 7:49 amHey Drew,
Disregard the last comment, the problem was solved. Once again thank you for this script!
-Parker
tomas
March 18, 2020 at 12:54 pmHow did you solve this?
Drew Gauderman • Post Author •
March 20, 2020 at 9:06 amTomas, What kind of issue are you having?
Danny van Oijen
June 16, 2020 at 2:20 amDoes someone have a script that i can use without postman?
Like powershell or python?
olivierolejniczak
January 18, 2021 at 6:03 amI use this powershell library for NinjaRMM: https://www.powershellgallery.com/packages/NinjaRmmApi/1.0.0