API Help with Bash Script

Howdy All,

First let me admit my ignorance with APIs, and assume that I know nothing.

#!/bin/bash -u

FORM=“Content-Type: application/x-www-form-urlencoded”
NOW=$(date -R)

#get these from the Duo Admin interface
INT=“obfuscated integration key from admin page”
KEY=“obfuscated secret key from admin page”
API=“■■■■■■■■■■■■■■■■■■■■■■■■■■■■

URL="/auth/v2/check"
#URL="/admin/v1/users"
REQ="$NOW\nGET\n$API\n$URL\n"

#could also use awk here, or the --binary mode as suggested elsewhere
HMAC=$(echo -n “$REQ” | openssl sha1 -hmac “$KEY” | cut -d" " -f 2)

AUTH=$(echo -n “$INT:$HMAC” | base64 -w0)

curl -s -H “Date: $NOW” -H $FORM -H “Authorization: Basic $AUTH” https://$API$URL

gives me this error:
{“code”: 40301, “message”: “Access forbidden”, “message_detail”: “Wrong integration type for this API.”, “stat”: “FAIL”}

If i change it to the “admin” url i get this error
{“code”: 40103, “message”: “Invalid signature in request credentials”, “stat”: “FAIL”}

Basically i want to pull a user l list via the API, but i can’t even get past the authentication piece.

Any help here is much appreciated.

Hello,

I cannot vouch for the code, but you have to use the integration keys for Auth API application in the Duo console when using the auth/vs/check. it sound like you might have just the admin API defined.

Adding our Rep Taylor so she can see.

I have both the Admin and the Auth API keys.

Just need some help on making the HMAC SH1 string and then basic authentication.

i.e. It would be nice to this broken into more steps

https://duo.com/docs/authapi#api-details