From 659c71d81840913deec8771f67203fd10c15dd6c Mon Sep 17 00:00:00 2001 From: DMRobertson Date: Wed, 13 Jul 2022 18:34:07 +0000 Subject: deploy: 2341032cf2d031e58710d82c9ee1d2360f9b82f9 --- develop/usage/administration/admin_api/index.html | 13 +++++++++++++ 1 file changed, 13 insertions(+) (limited to 'develop/usage') diff --git a/develop/usage/administration/admin_api/index.html b/develop/usage/administration/admin_api/index.html index 719e91c0c9..d4738efe75 100644 --- a/develop/usage/administration/admin_api/index.html +++ b/develop/usage/administration/admin_api/index.html @@ -158,10 +158,23 @@ command. This is a script that is distributed as part of synapse. It is possibly already on your $PATH depending on how Synapse was installed.

Finding your user's access_token is client-dependent, but will usually be shown in the client's settings.

Making an Admin API request

+

For security reasons, we recommend +that the Admin API (/_synapse/admin/...) should be hidden from public view using a +reverse proxy. This means you should typically query the Admin API from a terminal on +the machine which runs Synapse.

Once you have your access_token, you will need to authenticate each request to an Admin API endpoint by providing the token as either a query parameter or a request header. To add it as a request header in cURL:

curl --header "Authorization: Bearer <access_token>" <the_rest_of_your_API_request>
 
+

For example, suppose we want to +query the account of the user +@foo:bar.com. We need an admin access token (e.g. +syt_AjfVef2_L33JNpafeif_0feKJfeaf0CQpoZk), and we need to know which port +Synapse's client listener is listening +on (e.g. 8008). Then we can use the following command to request the account +information from the Admin API.

+
curl --header "Authorization: Bearer syt_AjfVef2_L33JNpafeif_0feKJfeaf0CQpoZk" -X GET http://127.0.0.1:8008/_synapse/admin/v2/users/@foo:bar.com
+

For more details on access tokens in Matrix, please refer to the complete matrix spec documentation.

-- cgit 1.4.1