FileMaker 17: Admin API

  • 0

FileMaker 17: Admin API

Tags : 

If you manage multiple instances of FileMaker Server, maintenance would typically be performed by logging in to each via a web browser or running fmsadmin CLI commands. These methods become unwieldy when you need to make the same change or gather the same bit of information across several servers. A seemingly simple task now takes 30 minutes or more with multiple servers. For example, ensuring that servers have enabled the security setting “Host password-protected databases only” is a quick task for the first few servers, but surprisingly time-consuming when checking twenty.

The time-saving solution to administering a fleet of Filemaker Server instances is the Admin API. Prior to 17, the Admin API was only available in FileMaker Cloud. Now, FileMaker Server 17 running on Windows or Mac OS can be administered from any tool capable of generating HTTP requests, including curl, PHP, and Filemaker Pro Advanced. Given a list of server addresses, we can programmatically log in to each server to gather configuration information, close database files, run schedules, and more.

To start off, here is the sequence of curl commands necessary to enable the “Host password-protected databases only” setting on a single server:

Obtain a JWT token:

curl -X POST \
 https://example.com/fmi/admin/api/v1/user/login \
 -H ‘Content-Type: application/json’ \
 -d ‘{
“username”: “admin”,
“password”: “admin-password”
}’

Use the JWT token (“a-very-long-string”) to authenticate subsequent requests.

Change the security setting:

curl -X PATCH \
 https://example.com/fmi/admin/api/v1/server/config/security \
 -H ‘Authorization: Bearer a-very-long-string’ \
 -H ‘Content-Type: application/json’ \
 -d ‘{
        “requireSecureDB”: true
}’

Confirm the new security setting (optional):

curl -X GET \
 https://example.com/fmi/admin/api/v1/server/config/security \
 -H ‘Authorization: Bearer a-very-long-string’

Logout (also optional, but generally a good idea as only a few admin connections can be open at once):

curl -X POST \
 https://example.com/fmi/admin/api/v1/user/logout \
 -H ‘Authorization: Bearer a-very-long-string’ \
 -H ‘Content-Type: application/json’

To make these requests against a list of servers, you just need to programmatically set the host address (e.g. https://example.com), username, and password within each curl command. The screencap below illustrates how to achieve this using a FileMaker script. For the purposes of this blog post, I’ve hard-coded and stored these in plain text. In production you’ll want to store and retrieve credentials in a secure manner using a service like AWS Secrets Manager.

The Admin API will be a trial feature until September 2019. You can provide feedback to FileMaker here.


Leave a Reply

4 − two =