# GuruRMM API Access Configuration [SUCCESS] Created admin user for Claude API access on 2026-01-22 ## API Endpoint - **Base URL**: http://172.16.3.30:3001 - **API Docs**: http://172.16.3.30:3001/api/docs (if available) - **Production URL**: https://rmm-api.azcomputerguru.com ## Authentication Credentials ### Claude API User (Admin) - **Email**: claude-api@azcomputerguru.com - **Password**: ClaudeAPI2026!@# - **Role**: admin - **User ID**: 4d754f36-0763-4f35-9aa2-0b98bbcdb309 - **Created**: 2026-01-22 16:41:14 UTC ### Existing Admin User - **Email**: admin@azcomputerguru.com - **Role**: admin - **User ID**: 490e2d0f-067d-4130-98fd-83f06ed0b932 ## Database Access ### PostgreSQL Connection - **Host**: 172.16.3.30 - **Port**: 5432 - **Database**: gururmm - **Username**: gururmm - **Password**: 43617ebf7eb242e814ca9988cc4df5ad ### Connection String ``` postgres://gururmm:43617ebf7eb242e814ca9988cc4df5ad@172.16.3.30:5432/gururmm ``` ## JWT Configuration - **JWT Secret**: ZNzGxghru2XUdBVlaf2G2L1YUBVcl5xH0lr/Gpf/QmE= - **Token Expiration**: 24 hours (default) ## API Usage Examples ### 1. Login and Get Token ```bash curl -X POST http://172.16.3.30:3001/api/auth/login \ -H "Content-Type: application/json" \ -d '{"email":"claude-api@azcomputerguru.com","password":"ClaudeAPI2026!@#"}' ``` **Response:** ```json { "token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9...", "user": { "id": "4d754f36-0763-4f35-9aa2-0b98bbcdb309", "email": "claude-api@azcomputerguru.com", "name": "Claude API User", "role": "admin", "created_at": "2026-01-22T16:41:14.153615Z" } } ``` ### 2. Use Token for Authenticated Requests ```bash TOKEN="your-jwt-token-here" # List all sites curl http://172.16.3.30:3001/api/sites \ -H "Authorization: Bearer $TOKEN" # List all agents curl http://172.16.3.30:3001/api/agents \ -H "Authorization: Bearer $TOKEN" # List all clients curl http://172.16.3.30:3001/api/clients \ -H "Authorization: Bearer $TOKEN" ``` ### 3. Python Example ```python import requests # Login login_response = requests.post( 'http://172.16.3.30:3001/api/auth/login', json={ 'email': 'claude-api@azcomputerguru.com', 'password': 'ClaudeAPI2026!@#' } ) token = login_response.json()['token'] # Make authenticated request headers = {'Authorization': f'Bearer {token}'} sites = requests.get('http://172.16.3.30:3001/api/sites', headers=headers) print(sites.json()) ``` ## Available API Endpoints Based on the GuruRMM server structure, common endpoints include: - `/api/auth/login` - User authentication - `/api/auth/register` - User registration (disabled) - `/api/sites` - Manage sites/locations - `/api/agents` - Manage RMM agents - `/api/clients` - Manage clients - `/api/alerts` - View and manage alerts - `/api/commands` - Execute remote commands - `/api/metrics` - View system metrics - `/api/policies` - Manage policies - `/api/users` - User management (admin only) ## Database Tables The gururmm database contains these tables: - **users** - User accounts and authentication - **sites** - Physical locations/sites - **clients** - Client organizations - **agents** - RMM agent instances - **agent_state** - Current agent status - **agent_updates** - Agent update history - **alerts** - System alerts and notifications - **alert_threshold_state** - Alert threshold tracking - **commands** - Remote command execution - **metrics** - Performance and monitoring metrics - **policies** - Configuration policies - **policy_assignments** - Policy-to-site assignments - **registration_tokens** - Agent registration tokens - **user_organizations** - User-to-organization mapping - **watchdog_events** - System watchdog events ## Password Hashing Passwords are hashed using **Argon2id** with these parameters: - **Algorithm**: Argon2id - **Version**: 19 - **Memory Cost**: 19456 (19 MB) - **Time Cost**: 2 iterations - **Parallelism**: 1 thread **Hash format:** ``` $argon2id$v=19$m=19456,t=2,p=1$SALT$HASH ``` ## Security Notes 1. **JWT Token Storage**: Store tokens securely, never in plain text 2. **Token Expiration**: Tokens expire after 24 hours (verify actual expiration) 3. **HTTPS**: Use HTTPS in production (https://rmm-api.azcomputerguru.com) 4. **Rate Limiting**: Check if API has rate limiting enabled 5. **Admin Privileges**: This account has full admin access - use responsibly ## Server Configuration Located at: `/opt/gururmm/.env` ```env DATABASE_URL=postgres://gururmm:43617ebf7eb242e814ca9988cc4df5ad@localhost:5432/gururmm JWT_SECRET=ZNzGxghru2XUdBVlaf2G2L1YUBVcl5xH0lr/Gpf/QmE= SERVER_HOST=0.0.0.0 SERVER_PORT=3001 RUST_LOG=info,gururmm_server=info,tower_http=debug AUTO_UPDATE_ENABLED=true DOWNLOADS_DIR=/var/www/gururmm/downloads DOWNLOADS_BASE_URL=https://rmm-api.azcomputerguru.com/downloads ``` ## Microsoft Entra ID SSO (Optional) The server supports SSO via Microsoft Entra ID: - **Client ID**: 18a15f5d-7ab8-46f4-8566-d7b5436b84b6 - **Redirect URI**: https://rmm.azcomputerguru.com/auth/callback - **Default Role**: viewer ## Testing Checklist - [x] User created in database - [x] Password hashed with Argon2id (97 characters) - [x] Login successful via API - [x] JWT token received - [x] Authenticated request successful (tested /api/sites) - [x] Token contains correct user ID and role ## Next Steps 1. Integrate this API into ClaudeTools for automated RMM management 2. Create API wrapper functions in ClaudeTools 3. Add error handling and token refresh logic 4. Document all available endpoints 5. Set up automated testing for API endpoints ## Troubleshooting ### Login Issues - Verify email and password are correct - Check database connection - Ensure GuruRMM server is running on port 3001 - Check logs: `journalctl -u gururmm-server -f` ### Token Issues - Token expires after 24 hours - refresh by logging in again - Verify token is included in Authorization header - Format: `Authorization: Bearer ` ### Database Issues ```bash # Check database connection PGPASSWORD='43617ebf7eb242e814ca9988cc4df5ad' \ psql -h 172.16.3.30 -p 5432 -U gururmm -d gururmm -c 'SELECT version();' # Verify user exists PGPASSWORD='43617ebf7eb242e814ca9988cc4df5ad' \ psql -h 172.16.3.30 -p 5432 -U gururmm -d gururmm \ -c "SELECT * FROM users WHERE email='claude-api@azcomputerguru.com';" ``` --- **Document Created**: 2026-01-22 **Last Updated**: 2026-01-22 **Tested By**: Claude Code **Status**: Production Ready