CODEWITHSUNDEEP
phprestsoapzimbra
Blaž Oražem
Blaž Oražem

Reputation: 902

Zimbra SOAP create account

I want to create Zimbra user account with SOAP API and can't get it to work - it's strange because I can get the AuthToken and can even view info of the accounts that are already created (via admin panel) with request GetAccountRequest, but the creation of the account does not work.

Here's my code for the AuthToken (POST) request:

Header: Content-Type: application/soap+xml

<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope">
  <soap:Header xmlns="urn:zimbra">
    <context></context>
  </soap:Header>
  <soap:Body>
    <AuthRequest xmlns="urn:zimbraAdmin" password="myPassword"> 
        <account by="adminName">[email protected]</account> 
    </AuthRequest>
  </soap:Body>
</soap:Envelope>

And this works, I get the Auth token back.

Next I try to create new user account with this (POST) request:

<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope">
  <soap:Header xmlns="urn:zimbraAdmin">
    <context>
<authToken> 0_69cd602eef3cf46bb488b02c6a173da698d17bdb_69643blablaTherestofmyauthtoken</authToken>
</context>
  </soap:Header>
  <soap:Body>
     <CreateAccountRequest xmlns="urn:zimbraAdmin" name="[email protected]" password="john123!"> 
        <a n="givenName">John</a>
        <a n="sn">Doe</a>
        <a n="displayName">John Doe</a>
    </CreateAccountRequest>
  </soap:Body>
</soap:Envelope>

And this is the response I get:

SimpleXMLElement Object
(
    [soap:Code] => SimpleXMLElement Object
        (
            [soap:Value] => soap:Sender
        )

    [soap:Reason] => SimpleXMLElement Object
        (
            [soap:Text] => no valid authtoken present
        )

    [soap:Detail] => SimpleXMLElement Object
        (
            [Error] => SimpleXMLElement Object
                (
                    [Code] => service.AUTH_REQUIRED
                    [Trace] => btpool0-3022://zimbra.mydomain.com:7071/service/admin/soap:1449756733826:bc04a0eab6d6c7ec:SoapEngine368
                )

        )

)

Can anyone help me please?

Upvotes: 2

Views: 3472

Answers (2)

Ryan
Ryan

Reputation: 1

Zimbra provides two methods to obtain the AuthToken:

  1. User Token
<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope" xmlns:urn="urn:zimbraAccount">
    <soap:Header/>
    <soap:Body>
        <urn:AuthRequest>
            <urn:account by="name">${email}</urn:account>
            <urn:password>${password}</urn:password>
        </urn:AuthRequest>
    </soap:Body>
</soap:Envelope>
  1. Admin Token

<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope" xmlns="urn:zimbraAdmin">
    <soap:Header/>
    <soap:Body>
        <AuthRequest xmlns="urn:zimbraAdmin">
            <account by="name">${email}</account>
            <password>${password}</password>
        </AuthRequest>
    </soap:Body>
</soap:Envelope>

Note: Both token payloads in the requests are similar, but the namespace changes to urn:zimbraAdmin for the Admin Token.

When working with the Admin API, it is essential to obtain the AdminToken. The documentation specifies the required namespace in the header, typically labeled as Service:

  • Namespace: "urn:zimbraAdmin"

Whenever the namespace is "urn:zimbraAdmin," the Admin Token must be used.

To create an account, use the following example:

<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope" xmlns="urn:zimbraAdmin">
    <soap:Header/>
    <context xmlns="urn:zimbraAdmin">
        <authToken>${authAdminToken}</authToken>
    </context>
    <soap:Body>
        <CreateAccountRequest name="${email}" password="${password}">
        </CreateAccountRequest>
    </soap:Body>
</soap:Envelope>

Upvotes: 0

Blaž Oražem
Blaž Oražem

Reputation: 902

So I figured it out - when you make an AuthToken request, you receive a cookie with the AuthToken value and when you try to create a new user account, you have to send that cookie back in the header section like this:

Cookie: ZM_ADMIN_AUTH_TOKEN=0_69cd602eef3cf46bb488b02c6a173da698d17bdb_69643blablaTherestofmyauthtoken

The whole request must look like this:

$request= array(
    'http' => array(
        'method'  => 'POST',
        'header'  => array(
            'Content-Type: application/soap+xml',
            'Cookie: ZM_ADMIN_AUTH_TOKEN=0_69cd602eef3cf46bb488b02c6a173da698d17bdb_69643blablaTherestofmyauthtoken',
        ),
        'timeout'  => 20, 
        'ignore_errors' => true,  
        'content'  => '
            <soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope">
                <soap:Header xmlns="urn:zimbraAdmin">
                    <context>
                        <authToken> 0_69cd602eef3cf46bb488b02c6a173da698d17bdb_69643blablaTherestofmyauthtoken</authToken>
                    </context>
                </soap:Header>
                <soap:Body>
                    <CreateAccountRequest xmlns="urn:zimbraAdmin" name="[email protected]" password="john123!"> 
                        <a n="givenName">John</a>
                        <a n="sn">Doe</a>
                        <a n="displayName">John Doe</a>
                    </CreateAccountRequest>
                </soap:Body>
            </soap:Envelope>
        ',
    ),
);

It is explained in the documentation the Admin Authorization token is required, but it doesn't says anywhere you have to send that back via cookie in the request header.

Upvotes: 3

Related Questions