Updated about 1 year ago by: markus schulte


DOWNLOAD: check files below


we @DOM use redmine as a central source for use authentication. other applications authenticate via PAM and a pam script then does some magic to authenticate against the redmine db.
this proccess is not sufficient any longer.

what we need is an redmine auth-api.
if we had one we could use curl to ask for authorization:

the plugin should only set the proper HTTP-Status code and return no data.
this way

curl -w "%{http_code}\n" -u"user:password" -s<plugin_namespace>/%projectID/%permission 

only returns 401 or 200.

the api-key may substitute


user shall only be able to ask for his own permissions.

the plugin should honour any redmine permission introduced by any third party plugin.

skype conversation


Redmine version 3.1.0.stable.14520
Ruby version 2.3.0-p-1 (2015-08-24) [x86_64-linux]
Rails version 4.2.3


Instructions to deploy and use the plugin.

  1. Unzip the plugin in plugins folder
  2. Restart server
  3. There is a new permission "Auth api" added. You need to check this permission for roles in order to allow them to authorize for a permission via curl.
  4. You can use the following curl commands to authorize for permissions

Via username and password
curl -v -H "Content-Type: application/json" -X GET -u <login>:<password><project_id or identifier>/<permission>

curl -v -H "Content-Type: application/json" -X GET -u ramiz:1234

Via api key
curl -v -H "Content-Type: application/json" -X GET -H "X-Redmine-API-Key: <api key>"<project_id or identifier>/<permission>

curl -v -H "Content-Type: application/json" -X GET -H "X-Redmine-API-Key: 7c75d6e187b70066deb573e58fe473660e196c0e"

  • Slack Channel: -
Add picture from clipboard (Maximum size: 1.05 GB)