ReMarkableAPI icon indicating copy to clipboard operation
ReMarkableAPI copied to clipboard
verified publisher icon splitbrain

Using Any API Method (e.g. ./remarkable.php list) Post `register` is Failing with 401

Open funkeyfreak opened this issue 3 years ago • 7 comments

As the title suggests, I am unable to successfully call any endpoint - even after I call remarkable.php register <valid-registration-code>.

This may even be an issue with the overall usage of remarkable's endpoints, as I have been unable to call their endpoints directly.

Steps to reproduce:

  1. Query for a new token: 
    	GET: https://webapp-production-dot-remarkable-production.appspot.com/token/json/2/device/new`

    	 { 
	      "code": "fuzzbuzz",
	      "deviceDesc": "desktop-windows",
	      "deviceID": "160022F6-EA84-42C7-B413-C1F5C6C3112F"
	 }
  2. Fetch a refresh token: 
    	POST: https://webapp-production-dot-remarkable-production.appspot.com/token/json/2/user/new
	--header 'Authorization: Bearer eyJ...'
  3. Take the token from step 2, and validate the document endpoint: 
    	GET: https://service-manager-production-dot-remarkable-production.appspot.com/service/json/1/document-storage?environment=production&group=auth0%7C5a68dc51cb30df3877a1d7c4&apiVer=2
	--header 'Authorization: Bearer eyJ...'
    Which returns 
    	{
	      "Status": "OK",
	      "Host": "document-storage-production-dot-remarkable-production.appspot.com"
	}
  4. Take this endpoint, and query the docs endpoint 
    	GET: https://document-storage-production-dot-remarkable-production.appspot.com/document-storage/json/2/docs
	--header 'Authorization: Bearer eyJ...'
    Which returns a 401: Unauthorized status code. What am I missing?

funkeyfreak avatar Jan 31 '22 00:01 funkeyfreak

It seems all community projects are affected. See https://github.com/rschroll/rmfuse/issues/42 or https://github.com/benoitsepe/reMarkable-typescript/issues/34. Other projects I am using have stopped working as well. There must have been a change in the API.

polletfa avatar Apr 06 '22 18:04 polletfa

Is this going to be fixed anytime soon? :)

KlimaRitter avatar May 21 '22 13:05 KlimaRitter

Bumping this up to report the same problem.

ratthing avatar Jun 14 '22 19:06 ratthing

Bumping as well, since I am experiencing the same issue.

jacks4ever avatar Jul 23 '22 16:07 jacks4ever

Same here

elvijs avatar Jul 24 '22 14:07 elvijs

same issue here, missing kid

JulienElkaim avatar Oct 07 '22 15:10 JulienElkaim

I used a Windows desktop app and Fiddler (my trial expired already, would be nice if someone pick up from here).

Looks like they changed the workflow - from what I've seen the desktop app does the following:

  • on start it refreshes the token, sending the one it got on registration (my app was registered about two years ago and apparently it stores this initial token internally. This token has no expiry date but is used only to get fresh one)
  • using this fresh (session) token gets the url to raw google store endpoint
  • interacts with this endpoint in a very strange manner - in post request sends the operation it wants to perform (get, put, etc) and receives this operation url and some sort of security token, with very limited lifetime.
  • calls the url received to get or update the actual file, security token is passed in a query string.

Did not have much time to analyse this communication, can provide the logs though...

I understand that I don't understand something - why rM folks do not provide public straightforward API to their cloud?

Yury-Zakharov avatar Oct 13 '22 19:10 Yury-Zakharov