matomo api authentication token

You may revoke a token by using the revokeAccessToken method on the TokenRepository. Matomo is an open source platform for web analytics software solutions. The Grafana backend exposes an HTTP API, the same API is used by the frontend to do everything from saving dashboards, creating users and updating data sources. Matomo is a secure open web analytics platform. This /oauth/token route will return a JSON response containing access_token, refresh_token, and expires_in attributes.

If the Matomo plataform hosts an API management applications can authenticate themselves. The Matomo (formerly Piwik) Reporting API facilitates data generation for specified requests including daily, weekly, monthly, and yearly periods as well as reports for specified date ranges. Developers can integrate tracking of page views, events, and visitors. It wouldn't be too trivial to apply this to API requests as our UI is based on the API and sends the token in API requests which means we would need to change a lot of the UI how this works currently. – lw1.at Apr 5 '18 at 11:49 @LukasWinkler Thank you for you answer. The Matomo Tracking API returns JSON responses and supports token authentication. Requirements. I am not sure on how to solve this as every kind of token could trivially be caught and then used for the "fake" requests.

The expires_in attribute contains the number of seconds until the access token expires. The goal of this issue is to discuss and plan the work needed to add Two Factor Authentication in Matomo.

This Plugin is based on the original Matomo (Piwik) Login plugin and needs this one to be installed but not active. Supported HTTP APIs: Authentication API ATTENTION: Activating Google Authenticator for an account, also requires an auth code for direct API requests with the users token auth. import datetime from PMMatomo import Matomo, MatomoReportPeriod m = Matomo (url = YOUR_MATOMO_API_URL, token = YOUR_MATOMO_AUTHENTICATION_TOKEN, siteId = YOUR_SITE_ID) m. enableFilterLimit (False) m. setReportPeriod (MatomoReportPeriod. Use &auth_code={authcode} to do that. Revoking Tokens.

Access to the RESTful API requires token authentication. mattab changed the title OAuth plugin for API authentication OAuth2 / oAuth plugin for API authentication Sep 20, 2015 This was referenced Sep 20, 2015 Restricting token_auth access #8816 You can find your auth token in your Piwik Dashboard on the Personal > Settings > API Authentication Token page) Set the Connection Timeout Limit (We suggest 5-10 seconds) Set the Time Interval (Controls the visual time span of the Widget graph.