Citrix Sharefile Generate Api Key

Posted By admin On 17.12.20

In order to request an API Key or test API requests on this site you must be authenticated with your ShareFile credentials. Click here to log in to log in. In order to request an API Key or test API requests on this site you must be authenticated with your ShareFile credentials. Click here to log in to log in.

I am trying to connect to the Sharefile API with Powershell, I am using the instructions found at https://jstrong013.github.io/Invoke-RestMethod-with-ShareFile-API/ to do this.

My problem is that when I enter the username and password for my account I keep getting told that it is incorrect. Could this be because my account is authenticated via SSO from Azure AD? Is there any way to use the API if that is the case or will I need to set up a local sharefile account just for this?

For existing users, the user is prompted to enter the phone number that is enabled for text message (SMS) or voice on the next login from the Web App, client tools like Citrix Files for Windows, or mobile app like Citrix Files for iOS. See the Web App example: Two-Step Verification for ShareFile apps. ShareFile V3 Rest API. Innovate by integrating with ShareFile. Citrix ShareFile supports external integration through our HTTP-based REST API. We implement a subset of the ODATA specification, which is a set of standards for how to describe objects and actions in a REST API. Hi Mitali, From the HTTP Response, it seems like the you are not passing the ClientId, and Client Secret in HTTP Request while generating the OAuth Token.

This means that the client application waits for a response from the NITRO web service before executing another NITRO API. The official version of this content is in English. Some of the Citrix documentation content is machine translated for your convenience only. The recommended way to interact with the ShareFile API from.NET code is via the ShareFile Client SDK. Only use the code below if you are working on a legacy project running a.NET Framework version older than 4.5.

Here is the exact error message:

Invoke-RestMethod : {'error':'invalid_grant','error_description':'invalid username or password'}
At C:UsersxxxxxxFor Work LaptopGet API Key for Citrix.ps1:18 char:13
+ $response = Invoke-RestMethod $tokenroute -Method POST -Body $creds - ..
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-RestMethod], WebException
+ FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeRestMethodCommand

Applicable Products

  • ShareFile

Objective

Article Contents (click a link to skip to that section)

About Two-Step Verification

Citrix Two-Step Verification uses your phone to provide an extra layer of security for your username. After you log in, you are asked to enter a verification code that is sent to your phone via text message (SMS) or voice call, and supported Authenticator apps like Google and Microsoft as an option instead of your usual password.
This feature is available to both Client and Employee Users. Two-Step Verification is supported on iOS and Android mobile devices.
Note: Some apps require an app-specific password that must be generated each time you want to sign into the app
Note 2: This feature is not available for trial accounts.

Enforcing Two-Step Verification

By enabling this feature, you make the Two-Step Verification option available to all users on the account. ShareFile Admins have the option to set policies requiring specific groups of users to enroll in Two-Step Verification.

Important!
All ShareFile accounts will default to requiring two-step verification for employee users. Administrators will not be able to disable this setting until after the account's Master Administrator completes a legally binding opt-out waiver.

You may find the opt-out waiver located in the Admin Settings > Security > Login & Security Policy > Two-Step Verification section.

Once you click on the Fill out the waiver link, you are guided through the following screens:

After you have completed the opt-out waiver, you may uncheck the Require for employee users checkbox and click Save.

Instructions

FAQ

  1. What backup capabilities are available for users in case they don’t have the phone registered for Two-Step Verification?

Users have the following choices for backup:

  • Using Authenticator App – users can configure supported Authenticator app like Microsoft or Google by following the instructions under Personal Settings-> Personal Security -> Two Step Verification.
  • All standard Authenticator apps that use the HOTP algorithm and accept a QR code are supported.
  • Using Backup Codes as shown prior
  • Enter a Backup Phone (Voice for example if you use SMS / Text previously)
  1. What is the expiration time frame for the text / SMS or voice based passcode?
The text / SMS or voice based passcode will expire in 2 minutes
  1. Can I disable Text / SMS / Voice option for Two-Step Verification if I have setup an Authenticator app?
At this time, the authenticator app support serves as a backup where the phone is the primary option. We are validating the right set of capabilities to enable authenticator app as the primary option with phone as a backup.

Enabling Two-Step Verification

Two-Step Verification settings are managed at Personal Settings > Personal Security > Two Step Verification.


You are prompted to enter your country as well as the phone number you would like ShareFile to send an SMS or voice message to. You do not need to enter your country code,. You can choose to receive either a text (SMS) message or a voice call to your provided phone number.
Pressing Send will send a code via the selected method to the provided number. Enter the code on the next screen in order to complete the setup of two-step verification. You are given the option to trust the computer you are currently using. Use this if you do not want to be prompted for another verification code when using this computer and browser in the future. The option to trust the computer can be disabled by the ShareFile Administrator for Client Users.



Can I force my users to use Two-Step Verification?

ShareFile Administrators can set policies as follows to require user enrollment for Two-Step Verification:

Require Two-Step Verification will require that the user group (Client Users as shown in the example above) enroll and opt in for Two-Step Verification. When enabled, the setting will be enabled for all Employee Users or Client Users or both.
For new users, the activation process will require that the user enter a phone number that is enabled for text message (SMS) or voice. For example:

For existing users, the user is prompted to enter the phone number that is enabled for text message (SMS) or voice on the next login from the Web App, client tools like Citrix Files for Windows, or mobile app like Citrix Files for iOS. See the Web App example:



Two-Step Verification for ShareFile apps

Once enabled, the most popular ShareFile apps follow the same two-step verification process as the ShareFile website. These apps include:

  • ShareFile Sync for Windows
  • ShareFile Sync for Mac
  • Citrix Files for Windows
  • Citrix Files for Mac
  • Citrix Files for Outlook
  • Citrix Files for iOS
  • Citrix Files for Android

Citrix Files for Outlook users may need to re-link their plugin after enabling Two-Step Verification.

Set application-specific password for other apps

Some other applications that run outside a browser are not compatible with Two-Step Verification, and you will need to create a separate password. When logging in, please enter this password instead of your regular password. After enabling Two-Step Verification, your typical ShareFile password will no longer be accepted by these apps. These apps include:

  • FTP - when using an app specific password, short usernames are not supported. Please use the full username format (i.e. subdomain/email address).
  • API - use app specific password.
  • Storage zones controller - use app specific password.

You can access creation of application passwords under Personal Settings > Personal Security > Two-Step Verification > Application Specific Passwords, using the Create a Password button. On the new screen, you will be prompted to enter a label. This label will help you identify the app if you ever desire to revoke access to it. After clicking Generate, click the Copy button to copy the app-specific password to your clipboard. Next, Paste the new password into the password field of your app.



ShareFile Apps that do not support Two-Step Verification

Please note that the following apps do not support the Two-Step Verification feature. If Two-Step Verification is enabled for your user, you will not able to use these apps.

  • ShareFile Desktop Sync for Windows (Adobe AIR)
  • ShareFile Desktop Sync for Mac (Adobe AIR)
  • Enterprise Sync Manager (Adobe AIR)


Backup codes

ShareFile allows you to generate a set of backup codes that can be used in the event that you will be unable to access your phone. Generate these codes using the Generate Backup Codes button. These codes may each be used only once. They will become invalid when a new set of codes is generated using this button.


Disabling Two-Step Verification

If Two-Step Verification policies are not set for the user group you belong to, you can disable the feature using the Disable button at the bottom of the page. You will need to reenter your password to verify. Windows 8 pro product key generator no survey.
You can disable this feature for all users on your ShareFile account at Admin Settings > Security > Login & Security Policy > Two Step.
If the Two-Step Verification policy for the user group was set, the Disable button will not be shown to the user group.

Login with Two-Step Verification

After you have set up your Two-Step Verification, you will be prompted for your verification code after logging in to ShareFile on a computer you have not opted to trust. You must enter the code you have received most recently in order to proceed to your ShareFile account. If you do not receive the code, you can select I didn’t receive a code for more options. If you are still unable to get in to your ShareFile account, please contact your ShareFile administrator.

NOTE: When Enable “trust this device” for Clients Users is set to no, the trust option checkbox is not visible for Client Users as shown here.
If you have generated backup codes prior from the following:
You will see an additional option for the verification code:

Reset User Phone Numbers

If a user has to change their primary phone number used for two-step verification, the account master admin may initiate the reset. To do so, navigate to People > Browser Employees and click on the user’s name that requires the reset. This will direct you to that employee’s profile page where the master admin can click Reset two-step verification under Actions.

Citrix Sharefile Generate Api Key Registration


Citrix Sharefile Generate Api Key Login


A confirmation message will be displayed and after clicking Reset, the user will be emailed a hyperlink that expires in 15 minutes.
After the user clicks the hyperlink in the email, they will be directed to the login page to enter their credentials. Once authenticated, they will be able to enter their new phone number and complete the two-step verification setup.
Master admins requiring their phone number to be reset will need to contact support.