How to get token_auth programmatically

cc1 · December 22, 2020, 9:34am

In the past I have automated the configuration of the WP-Matomo (WP-Piwik) plugin by getting the token_auth string for the user using a MySQL query and then setting the required variables using the WordPress CLI (see the Ansible tasks here).

However with Matomo 4.x the token_auth string is encrypted in the database so this won’t work.

Last year when asked about this on GitHub:

github.com/matomo-org/matomo

How to get token_auth programmatically, e.g. using OAuth 2.0 ?

opened 05:51PM - 04 Mar 19 UTC

closed 07:24PM - 04 Mar 19 UTC

saadsarfrazz

answered

Hi, I am working on "Reporting HTTP API" to export data from matomo. It is m…entioned here https://developer.matomo.org/api-reference/reporting-api#authenticate-to-the-api-via-token_auth-parameter that token_auth can be generated manually (in user settings) to be used in API reporting. I wanted to ask if there as any programmatic way to retrieve this token e.g. using OAuth 2.0 may be? Also what is that age of token_auth.Does it not expire unless user regenerates it? Regards, Saad.

The answer given was to use the API:

You can find more info about APIs here: https://developer.matomo.org/api-reference/reporting-api

Checkout UsersManager.getTokenAuth method to get token.

However that method is not in the list of UsersManaged methods, is there an undocumented method that can be used or is some PHP now needed to access the token_auth for a user?

Lukas · December 22, 2020, 2:48pm

Hi,

Matomo 4 doesn’t have one token_auth per user any more, but allows every user to create as many API tokens as they like and revoke them seperatly.

The API to create those token is UsersManager.createAppSpecificTokenAuth as shown in the API docs.

cc1 · December 22, 2020, 7:15pm

Thanks @Lukas, that method requires the password for the user account?

UsersManager.createAppSpecificTokenAuth (userLogin, passwordConfirmation, description, expireDate = ‘’, expireHours = ‘0’) [ No example available ]

If this is the case then it can’t be used without changing the users password in situations when one doesn’t have the users password?

In my case I won’t have the users password when I’m adding a site to an existing account.

Lukas · December 22, 2020, 8:13pm

Hi,

It seems like it isn’t possible to create a token for another user (but I think it also wasn’t possible with Matomo 3)

cc1 · December 22, 2020, 10:05pm

With Matomo 3.x I used a MySQL query to get the token_auth.

Saqib_Ali · December 17, 2021, 6:51am

Hi ,

Have you found any solution ?

We also have been using token_auth for matomo dashboard to embed in iframe but now in matomo 4.6.0 it looks there is no way to get token_auth either through MySQL query or matomo API .

Thanks

cc1 · December 17, 2021, 9:33am

Not really, but I worked around it by keeping a copy of users passwords, which breaks when users change them, it’s not ideal, it’s all in this Ansible role:

Saqib_Ali · January 5, 2022, 12:35pm

Thanks it helped for Non Super users .