Connect API Specification

rstudio-connect

#10

Ohh yeah. Sorry, I didn't think about Shiny application start / stops. Yeah, I don't think those are in the Audit logs. You should have render history / etc. of Rmd's and such, though. A good way to test would be to poke around at different things and then see what shows up in the audit logs (that is how I confirmed render history of Rmd reports).


#11

Hi Cole, I have been able to pull users and specific actions from audit logs. The app/code works fine on my desktop, however its fails with error as I publish in connect server.

Error in curl::curl_fetch_memory(url, handle = handle)
SSL certificate problem: self signed certificate in certificate chain

connect is HTTPS server.


#12

It sounds like Connect is using a self-signed certificate in this case? Is that true? If so, you will need to set up the server so that it is possible to type curl https://myconnect.com:port from the Connect server and get a valid response (rather than a self-signed certificate problem).

Again, if this is the case, I suspect you have done some such setup on your desktop prior to publishing to RStudio Connect?


#13

In my desktop: I added certificate path and details as I call rsconnect package and it was able to publish.
I am wondering How I can achieve the same in connect servers.


#14

@Ankur Right, so it sounds like you have a self-signed certificate in use for RStudio Connect, which is why the certificate path / details is needed when you publish to RStudio Connect. You can set up the Connect server itself to trust that certificate, as well, and there are a myriad of ways to do so that depend on your operating system.

Are you the RStudio Connect administrator, or do you have an administrator who can set up the server to trust its own certificate? As I mentioned above, you need to be able to log into the RStudio Connect server via SSH and execute curl https://myconnect.com:port/ without a certificate complaint. Once that is done, the content on Connect should be able to access the API over https without this issue.

A hacky workaround that I haven't completely thought through but which might be possible... if there is a way to manually provide the certificate details to your curl command (i.e. in your code) or tell the curl command to ignore the certificate validation (curl -k or curl --insecure on the command line), then that could also allow your code to work. Definitely not the preferred approach... I would recommend talking to your server admin, as this is a problem you will encounter anytime you want to use the Connect Server API in the future.


#15

Hi,

Below is our initial attempt to collect the logs and also the Shiny usage info with a user appended. It would be helpful to have the app names available too. I think the logs have the app id and the shiny stuff has the content_guid. Any chance of getting decodes for both added to the API in future releases?

if(!success) {install.packages("pacman")
  require(pacman)
}

pacman::p_load(jsonlite, httr, curl, dplyr, data.table)

connectServer <- ""
apiKey <- ""
# set up environment
# Note that the connectServer string must have a trailing slash

# get audit logs
authHeader <- add_headers(Authorization = paste("Key", apiKey))
resp <- GET(
  paste0(connectServer, "__api__/v1/audit_logs?ascOrder=true&limit=500"),
  authHeader
)
payload <- content(resp)
# print first 25!
# print(payload$result)
# now step through the remaining audit logs

log <- rbindlist(payload$result)

while(!is.null(payload$paging[["next"]])) {
  resp <- GET(payload$paging[["next"]], authHeader)
  payload <- content(resp)
  # print the next 25
  # print(payload$result)
  
  log <- rbind(log, rbindlist(payload$result))
 
}

# Get Shiny App Usage
authHeader <- add_headers(Authorization = paste("Key", apiKey))
resp <- GET("localhost:3939/__api__/v1/instrumentation/shiny/usage?ascOrder=true&limit=500",
            authHeader)

payload <- content(resp)

shiny_usage <- rbindlist(payload$result)

while(!is.null(payload$paging[["next"]])) {
  resp <- GET(payload$paging[["next"]], authHeader)
  payload <- content(resp)
  # print the next 25
  # print(payload$result)
  shiny_usage <- rbind(shiny_usage, rbindlist(payload$result))
}

# Get Users
users <- GET("localhost:3939/__api__/v1/users?page_size=500", 
             add_headers(Authorization = paste("Key", apiKey)))

user_info <- fromJSON(content(users, "text"))

user_info <- data.frame(user_info$results)

user_info

# Join Shiny Usage and Users
shiny_usage <- left_join(shiny_usage, user_info[c("username","guid")], by = c("user_guid"="guid"))



#16

Thanks Cole and sorry for my late response; It does throw me SSL error as I try to do curl from the RSonnect server.

I am using GET(url, add_headers(Authorization = apikey))) to connect from my desktop RStudio; its working fine. Do we have any option to certificate over here ?

Regards,
Ankur


#17

My recommendation would definitely be to not use a self-signed certificate. A certificate generated by your company's Certificate Authority (ask your IT department, as most companies have one) will likely be automatically trusted by Connect itself (as well as all other computers on your network), and so is a much better user experience.

If you have no choice but to use the self-signed certificate, your options are to:

  • somehow pass the certificate along with your app so that you can manually declare trust (not great)
  • find a way to tell the curl package not to worry about validating certificates (not great)
  • import the self-signed certificate into your Connect server's set of trusted certificates (This is an example SO post on the topic of RedHat )

#18

Very nice! Thanks for sharing!!

A couple of things:

There is definitely some exciting stuff out there to be explored!

EDIT: Oh, there are also some bash examples of using these deployment / content APIs here:


#19

Thank you, I will go through the release docs :slight_smile:

Also, I have fixed my code, added config option and its working good in Rstudio Connect server.


#20

Thank you :slight_smile:

How would you map App_guid with App_ID?


#21

I would check out the connect usage markdown document on github referenced above by Cole. It has details on getting decodes of the user and content guids, https://github.com/sol-eng/connect-usage.


#22

Most everything will start to transition to app_guid (and GUID is actually available in the "INFO" tab for a given piece of content - see the bottom of this image).

I actually don't think the mapping is really exposed anywhere easy to access, or I'm just missing something obvious in the API guide. Where did you get the App ID that you are trying to map to a GUID? Or are you trying to go the other direction? Do you mind explaining a bit about what you're trying to do?


#23

sorry for my late response; I havenot yet figured out a way to map them;
Is there a plan for such option in future connect release?


#24

Yes, we would definitely love to address the issue you are facing. Do you mind clarifying for me where you are getting the App ID, though? It would be ideal to understand what your workflow is, so that any proposed solution would resolve the issue.


#25

Hi Cole,
I have queried "v1/instrumentation/shiny/usage". The result set gives me an output with 'content_guid' and 'user_guid';
Next I have mapped user_guid with user_id (queried from "v1/users").
My final frame looks like below example:

app_guid and User_ID
yshao77691911 (username)


#26

Awesome. And so what is your desired state? Are you trying to get the content information now?


#27

Hi Cole,

I am looking for a frame which will have results with following components atleast:
Userid; App_ID; App_Name


#28

And why do you need the app_id in your output? What are you using it for?


#29

Hi Cole,

I dont need app_id. Basically I am looking for a frame which can show userid and appname; We may also plan for another frame like user_id, app_name, schedule_time....

if there is option to achieve this without app_id; then I am fine :smile: