FileMaker 17: Admin API

FileMaker 17: Admin API

If you manage multiple instances of FileMaker Server, maintenance would typically be performed by logging in to each via a web browser or running fmsadmin CLI commands. These methods become unwieldy when you need to make the same change or gather the same bit of information across several servers. A seemingly simple task now takes 30 minutes or more with multiple servers. For example, ensuring that servers have enabled the security setting “Host password-protected databases only” is a quick task for the first few servers, but surprisingly time-consuming when checking twenty.

The time-saving solution to administering a fleet of Filemaker Server instances is the Admin API. Prior to 17, the Admin API was only available in FileMaker Cloud. Now, FileMaker Server 17 running on Windows or Mac OS can be administered from any tool capable of generating HTTP requests, including curl, PHP, and Filemaker Pro Advanced. Given a list of server addresses, we can programmatically log in to each server to gather configuration information, close database files, run schedules, and more.

To start off, here is the sequence of curl commands necessary to enable the “Host password-protected databases only” setting on a single server:

Obtain a JWT token:

curl -X POST \
https://example.com/fmi/admin/api/v1/user/login \
-H ‘Content-Type: application/json’ \
-d ‘{
“username”: “admin”,
“password”: “admin-password”
}’

Use the JWT token (“a-very-long-string”) to authenticate subsequent requests.

Change the security setting:

curl -X PATCH \
https://example.com/fmi/admin/api/v1/server/config/security \
-H ‘Authorization: Bearer a-very-long-string’ \
-H ‘Content-Type: application/json’ \
-d ‘{
“requireSecureDB”: true
}’

Confirm the new security setting (optional):

curl -X GET \
https://example.com/fmi/admin/api/v1/server/config/security \
-H ‘Authorization: Bearer a-very-long-string’

Logout (also optional, but generally a good idea as only a few admin connections can be open at once):

curl -X POST \
https://example.com/fmi/admin/api/v1/user/logout \
-H ‘Authorization: Bearer a-very-long-string’ \
-H ‘Content-Type: application/json’

To make these requests against a list of servers, you just need to programmatically set the host address (e.g. https://example.com), username, and password within each curl command. The screencap below illustrates how to achieve this using a FileMaker script. For the purposes of this blog post, I’ve hard-coded and stored these in plain text. In production you’ll want to store and retrieve credentials in a secure manner using a service like AWS Secrets Manager.

The Admin API will be a trial feature until September 2019. You can provide feedback to FileMaker here.

By Ian Harris

Cookie	Duration	Description
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.