API keys

In previous version it was possible to configure api-keys for REST module using entries within configuration file. In the recent version we decided to remove this configuration option. Now, by default Tigase XMPP Server requires API key to be passed to all requests and you need to configure them before you will be able to use REST API.

Instead, you should use ad-hocs available on the REST module JID to:

  • Add API key (api-key-add)
  • Update API key (api-key-update)
  • Remove API key (api-key-remove);


If you have Admin UI enabled, you may log in using admin credentials to this UI and when you select CONFIGURATION section on the left sidebar, it will expand and allow you to execute any of those ad-hoc commands mentioned above.

Requests made to the HTTP service must conclude with one of the API keys defined using ad-hoc commands: http://localhost:8080/rest/adhoc/sess-man@domain.com?api-key=test1


If you want to allow access to REST API without usage of any keys, it is possible. To do so, you need to add an API key with API key field value equal open_access.


You can also completely disable api-keys by adding 'open-access' = true to the TDSL configuration file, either in http bean or any of the modules of that bean, e.g. rest, `admin, etc