Login required for REST API?

EDIT: see the additional “EDIT” at the bottom of this posting.

Attempting to use the REST API with a stand alone Perl application to read a few outputs and display on a web page. When using a web browser, the URL for the REST request displays proper info.

But when making the request programmatically (with Perl’s REST::Client library’s GET() function) the only data returned is ‘IoTaWatt-Login’. So my question is: does the REST API require a username/password and if so, in what format?

Oddly enough, the Perl program functioned properly yesterday with no login. After I reconfigured the IoTaWatt’s Auto Update Class to MAJOR the firmware updated and this problem arose.

Thanks – I’ll be grateful for any light you can shed on this for me.



EDIT (20 minutes later):

Inspired by the thread " [Influx2 upload stopped after upgrade]" I reverted the software from 02_05_12 to the old version (02_06_05). A quick test shows all is working again.

My compliments: the software reversion process was fast and painless.

I’ll leave the Auto Update Class at NONE until I hear further.


02_05_12 is a very old release. There was a change in 02_06 to optionally allow access without password on the local LAN. I would recommend you leave auto-update on MINOR, for which 02_06_05 Is current.

Thanks. But now I’m really confused. When I changed the Auto Update Class to MAJOR the IoTaWatt immediately “upgraded” to 02_05_12. I set the update class back to NONE and manually upgraded to 02_06_05. I checked “Unrestricted LAN access” and all is well again.

But the question remains: how can I supply a login/password to the REST API? The IoTaWatt Documentation release 02_30_20 doesn’t specify anything about that in the Query API chapter.

I dont know anything about how Perl does http, but this is standard authorization.

When you issue a request that requires authorization, the server (IoTaWatt) first looks for a valid authorization header. If found, the request is serviced. If not found, a 401 authorization required response is returned. The response specifies the authorization method “digest” and includes the parameters needed to construct the digest authorization. The client resends the request with the digest authorization header.

Subsequent requests are typically then sent with a digest authorization header, thus eliminating the need for the 401 authorization required response.

Thank you – I can deal with that.