Getting started with RHSM APIs in tech preview

Updated -

Introduction

Red Hat Subscription Management is now offering limited APIs in its tech preview. If you are interested in participating in this program, please contact us the program lead Shea DeAntonio. We will provide you with:

  • Client ID and secret
  • Token URL
  • Your Customer Portal credentials

Once you have that you can proceed with the rest of the instructions.

Using RHSM APIs in the tech preview

Using APIs in RHSM can help you more effectively keep track of and automate how you manage your Red Hat subscriptions and entitlement usage. By using APIs in RHSM, you can:

  • Control which tooling you use for which products
  • Better manage your system inventory
  • Update and secure your systems more efficiently
  • Continue receiving official support for your Red Hat products

In order to transition to using APIs for Red Hat Subscription Management, Red Hat has created a tech preview program for early access and feedback. Red Hat is in the process of decommissioning Red Hat Network (RHN), including access to its APIs. As a part of this effort, Red Hat has been developing and documenting supported for RHSM.

Building RHSM APIs into scripts

Developers familiar with standard OIDC libraries that supports OAuth 2.0 can use those libraries to build authorization to the Red Hat Subscription Management APIs into scripts and applications.

An option for testing APIs, or for users who access APIs less frequently, is to use a REST client. As long as your REST client supports OAuth 2.0 or custom form submission, you can use that client to access the Red Hat Subscription Management APIs. Some examples, using popular REST clients:

Example for Postman

  1. Open a new Postman session.
  2. Select OAuth 2.0 on the Authorization.
  3. Click Get New Access Token.
  4. Enter a Token Name
  5. Select Password Credentials for Grant Type.
  6. Enter https://sso.redhat.com/auth/realms/3scale/protocol/openid-connect/token as the Access Token URL.
  7. Enter your Customer Portal username and password.
  8. Enter the Client ID and Client Secret you obtained from Red Hat.
  9. Leave scope empty.
  10. Select Send as Basic Auth Header as the Client Authentication.
  11. Click Request Token.

If your login is successful, your new access tokens and refresh token will be available under the Manage Access Tokens window:

  1. Click Use Token.
  2. Use the token to call the APIs:
    a. Select GET.
    b. Enter https://api.access.redhat.com/management/v1/systems.
  3. Click Send.

Example for Advanced REST Client

  1. Open a new request.
  2. Select POST.
  3. Enter https://sso.redhat.com/auth/realms/3scale/protocol/openid-connect/token.
  4. From the Headers tab, select Header name of Content-Type.
  5. Enter a Header value of application/x-www-form-urlencoded.
  6. From the Body tab, add the following form parameters:
    a. grant_type = password
    b. client_id = [the Client ID supplied by Red Hat]
    c. client_secret = [the Client Secret supplied by Red Hat]
    d. username = [your Customer Portal login]
    e. password = [your Customer Portal password]
  7. Click Send.

If your login is successful, your new access tokens and refresh token will be available in the response.

  1. Copy the value from the “ccess_token portion of the response.
  2. Open a new request.
  3. Select GET.
  4. Enter https://api.access.redhat.com/management/v1/systems.
  5. From the Headers tab, select Header name of Authorization.
  6. Enter a Header value of Bearer using the access_token you copied from the previous response.
  7. Click Send.

Example for RESTlet Chrome plugin

  1. Open a new request.
  2. Select POST.
  3. Enter https://sso.redhat.com/auth/realms/3scale/protocol/openid-connect/token.
  4. In the BODY section, change the format from Text to Form using the dropdown selection in the upper-right . This should automatically add a header of Content-Type: application/x-www-form-urlencoded.
  5. Add the following form parameters:
    a. grant_type = password
    b. client_id = [the Client ID supplied by Red Hat]
    c. client_secret = [the Client Secret supplied by Red Hat]
    d. username = [your Customer Portal login]
    e. password = [your Customer Portal password]
  6. Click Send.

If your login is successful, your new access tokens and refresh token will be available in the response.

  1. Copy the value from the “access_token” portion of the response.
  2. Open a new request.
  3. Select GET.
  4. Enter https://api.access.redhat.com/management/v1/systems.
  5. From the Headers tab, select Header name of Authorization.
  6. Enter a Header value of Bearer with the access_token you copied from the previous response.
  7. Click Send.

Accessing available Red Hat Subscription Management APIs

Red Hat provides a Swagger file to describe the specifications of the Red Hat Subscription Management APIs. The Swagger specification includes information about the API endpoints available, input parameters, expected output, and possible error responses. The swagger file can be imported into REST clients like Postman or RESTlet to automatically build a library of API calls. The .json file is attached to this kbase.

Contact Red Hat about RHSM API tech preview

We would love feedback on the API implementation we have so far. If you have any suggestions, please feel free to let us know in our survey or contact the program lead Shea DeAntonio directly.

If you run into problems and require support, please open a support case.

Attachments

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.