I’ll detail what works for me.
To start with, change the following to suit your current set up and then paste into your Unix command line:
export ERP_HOST="dev.erpnext.host";
export OTHER_USER="youself.yourorg@gmail.com";
export TOKEN="72d03ddb0c9e010:0261aee60ce2190";
export ADMIN_PWD="sEcr3t";
With that done, all the rest of the commands below ought to just work as is, when pasted into the command line.
curl --location --request \
POST "https://${ERP_HOST}/api/method/frappe.core.doctype.user.user.generate_keys?user=${OTHER_USER}" \
--header "Authorization: token ${TOKEN}";
The key and secret are of the administrator. I always use the UI to get the first token (see note below). However there is another way that I explain below.
The return result is:
{
"message": {
"api_secret": "bd18c496424153a"
}
}
Clearly that is only the secret. To get the key, run:
curl --location \
"https://${ERP_HOST}/api/resource/User/${OTHER_USER}" \
--header "Authorization: token ${TOKEN}";
The response for that will be:
{
"data": {
"name": "${OTHER_USER}",
"api_key": "63e2ac4283fede7",
"api_secret": "***************",
"doctype": "User",
"stuff": "lots of stuff",
"etc": "blabbity blabbity blaaa"
}
}
If you find that overwhelming you can install the wonderful jq utility and run:
curl --silent --location \
"https://${ERP_HOST}/api/resource/User/${OTHER_USER}" \
--header "Authorization: token ${TOKEN}" \
| jq -r '.data.api_key';
Which will get you:
63e2ac4283fede7
Pay attention to the --location switch that means, “Automatically follow HTTP redirects”. It could be the reason for your "File not found: errors.
I’m guessing you would like to obviate the UI entirely. To do that you still have to log in, but there is an alternate way to it:
Here it is:
curl --location --cookie-jar oreo.txt \
--request POST "https://${ERP_HOST}/api/method/login" \
--header "Content-Type: application/json" \
--data-raw "{
\"usr\": \"Administrator\",
\"pwd\": \"${ADMIN_PWD}\"
}";
This returns, first a bit of meta information in standard out …
{
"message": "Logged In",
"home_page": "/desk",
"full_name": "Administrator"
}
… and second, a cookie file …
# Netscape HTTP Cookie File
# https://curl.haxx.se/docs/http-cookies.html
# This file was generated by libcurl! Edit at your own risk.
#HttpOnly_
dev.erpnext.host FALSE / TRUE 1616357367 sid 937415344dd12179acxxxxxxxxxa4fb3ddb446ab7843a529e84d8aaa
dev.erpnext.host FALSE / TRUE 0 system_user yes
dev.erpnext.host FALSE / TRUE 0 full_name Administrator
dev.erpnext.host FALSE / TRUE 0 user_id Administrator
dev.erpnext.host FALSE / TRUE 0 user_image
The only cookie that matters is the first: sid, but there’s no reason not to keep using the file as is. Now, it is merely necessary to include --cookie oreo.txt in all future calls:
curl --cookie oreo.txt \
--request POST \
"https://${ERP_HOST}/api/method/frappe.core.doctype.user.user.generate_keys?user=${OTHER_USER}";
{
"message": {
"api_secret": "fadde32b362577b"
}
}
curl --silent --cookie oreo.txt \
"https://${ERP_HOST}/api/resource/User/${OTHER_USER}" \
| jq -r '.data.api_key';
63e2ac4283fede7
As an aside, as soon as I have completed the wizard after creating an installation, I log in as Administrator, generate a key/pair, do a few other things, save the pair in a private/files file, and then do a full database backup so that, no matter what happens, I don’t have run that horrible wizard again.
file: dev.erpnext.host/private/files/apiKeys.sh
export KEYS="63e2ac4283fede7:fadde32b362577b";