Das System Menü :: Benutzer


param.cgi?cmd=getuserattr

  • at_username: Username for User
  • at_password: Password for User
  • at_authlevel: User Authorisation: admin/user/guest [0 - 327679]*
  • at_enable: De/Activate [0, 1]
  • at_authexpire: Login token expiration - 1 day, 3 days, 5 days, 7 days, 30 days, 365 days [0-5]
  • at_lancode: Preferred webUI language: [de, en, fr, cn, pl]
  • at_enc: Stored password encryption: 0 none, 1 md5 hash, 2 encrypted [0-2]

* User Access Rights:

  • Live Stream: authlevel 32
  • RTSP Stream: authlevel 64
  • P2P Connection: authlevel 8
  • Alarm Settings: authlevel 8192
  • Multimedia Settings: authlevel 4096
  • PTZ Settings: authlevel 16384
  • User Management: authlevel 2
  • Push Notifications: authlevel 16
  • SD Viewer: authlevel 128
  • Audio Features: authlevel 256
  • Alarm Relay: authlevel 512
  • Whitelight LEDs: authlevel 1024
  • PTZ Control: authlevel 2048

* User Presets:

  • Super Admin: authlevel 327679
    • Access Rights: Minimal, User Management, Basic Authentication, Live Video, RTSP Video, SD Viewer, Audio Features, Alarm Relay, PTZ Control, Multimedia, Alarm Settings, PTZ Settings, System Settings, ONVIF (Admin), P2P Connection, Push Notifications
  • Operator: authlevel 4087
    • Access Rights: Minimal, User Management, Basic Authentication, Live Video, RTSP Video, SD Viewer, Audio Features, Alarm Relay, PTZ Control, Push Notifications
  • Guest: authlevel 101
    • Access Rights: Minimal, Basic Authentication, Live Video, RTSP Video

Example

GET: http://admin:instar@192.168.2.168/param.cgi?cmd=getuserattr

cmd="getuserattr";
at_username[1]="admin";
at_enable[1]="1";
at_authlevel[1]="15";
at_authexpire[1]="4";
at_lancode[1]="en";
at_username[2]="operator";
at_enable[2]="0";
at_authlevel[2]="3";
at_authexpire[2]="0";
at_lancode[2]="de";
at_username[3]="guest";
at_enable[3]="0";
at_authlevel[3]="1";
at_authexpire[3]="0";
at_lancode[3]="de";
response="200";
GET: http://192.168.2.168/param.cgi?cmd=getuserattr&at_userid=1&user=admin&pwd=instar

cmd="getuserattr";
at_username="admin";
at_enable="1";
at_authlevel="15";
at_authexpire="1";
at_lancode="de";
response="200";
SET: http://admin:instar@192.168.2.168/param.cgi?cmd=setuserattr&at_userid=1&at_username=admin&at_password=newpassword&at_authlevel=15&at_enable=1
cmd="setuserattr";
response="200";
SET: http://admin:instar@192.168.2.168/param.cgi?cmd=setuserattr&at_userid=3&at_username=guest&at_password=guest&at_authlevel=1&at_enable=0
cmd="setuserattr";
response="200";

param.cgi?cmd=adduser

Add a camera user

  • at_username: Username for User
  • at_password: Password for User
  • at_authexpire: Access token expiration
  • at_lancode: Default UI language
  • at_authlevel: User Authorization: admin/user/guest [15, 3, 1]

Example

SET: http://admin:instar@192.168.2.168/param.cgi?cmd=adduser&at_username=admin2&at_password=mypassword&at_authlevel=15
cmd="adduser";
response="200";

param.cgi?cmd=deluser

Delete a camera user

  • at_userid: User ID number [1-10]

The admin user with user ID 1 cannot be deleted. Use cmd=setuserattr to deactivate user if needed.

Example

SET: http://admin:instar@192.168.2.168/param.cgi?cmd=deluser&at_userid=5
cmd="deluser";
response="200";

param.cgi?cmd=getauthexpire

Get Authentication Token Expiration

  • admin, operator, guest:
    • 0 = 1 day
    • 1 = 3 days
    • 2 = 5 days
    • 3 = 1 week
    • 4 = 1 month
    • 5 = 1 year

Once logged in - e.g. to the camera webUI - with an admin, operator or guest the generated authentication token will expire in the here set amount of days. Forcing the user to log in again using their username and password. Be aware that session tokens might be deleted e.g. when closing your web browser.

GET: http://admin:instar@192.168.2.168/param.cgi?cmd=getauthexpire

cmd="getauthexpire";
admin="0";
operator="0";
guest="0";
response="200";
GET: http://192.168.2.168/param.cgi?cmd=getauthexpire&at_userid=1&user=admin&pwd=instar

cmd="getauthexpire";
admin="0";
operator="0";
guest="0";
response="200";
SET: http://admin:instar@192.168.2.168/param.cgi?cmd=setauthexpire&admin=5
cmd="setauthexpire";
response="200";

login.cgi

Get active user attributes

  • at_username: Username for Active User
  • at_authlevel: 15: admin, 3: user, 1: visitor
  • at_enable: De/Activate [0, 1]

Example

Aquire ipc_token for User Session

  • /param.cgi: CGI command to get/set parameters and execute certain features (requires Basic-Auth)
  • /webui.cgi: Alternative to /param.cgi used in the webUI to prevent Basic Auth prompt from the web browser (requires ipc_token that is aquired from login.cgi)
curl -u admin:instar 'http://192.168.2.115/login.cgi' -v
*   Trying 192.168.2.115:80...
* Connected to 192.168.2.115 (192.168.2.115) port 80 (#0)
* Server auth using Basic with user 'admin'
> GET /login.cgi HTTP/1.1
> Host: 192.168.2.115
> Authorization: Basic YWRtaW46aW5zdGFy
> User-Agent: curl/7.78.0
> Accept: */*
> 
* Mark bundle as not supporting multiuse
< HTTP/1.1 200 OK
< Content-Type: text/plain; charset=utf-8
< Set-Cookie: ipc_token=zRKSrHvFU5gVGaHsEBu8wvSnLcX9JchKpB; path=/; expires=Sat, 23-Apr-2022 11:41:39 CEST
< Accept-Ranges: bytes
< Content-Length: 75
< Date: Fri, 22 Apr 2022 09:41:39 GMT
< Server: lighttpd/1.4.60
< 
at_username="admin";
at_authlevel="15";
at_enable="1";
response="200";
* Connection #0 to host 192.168.2.115 left intact

Get active User

GET: http://admin:instar@192.168.2.168/login.cgi

at_username="admin";
at_authlevel="15";
at_enable="1";
response="200";
GET: http://192.168.2.168/login.cgi&user=admin&pwd=instar

at_username="admin";
at_authlevel="15";
at_enable="1";
response="200";

param.cgi?cmd=gettoken

Get a Access Token for Application Logins

  • token: Access token
  • validity: Token validity

Example

GET: http://admin:instar@192.168.2.168/param.cgi?cmd=gettoken

cmd="gettoken";
token="m82D0CW7BvTsCSeLQgr63PlMLS0P7xfRbq";
validity="1651564834";
response="200";
GET: http://192.168.2.168/param.cgi?cmd=gettoken&user=admin&pwd=instar

cmd="gettoken";
token="m82D0CW7BvTsCSeLQgr63PlMLS0P7xfRbq";
validity="1651564834";
response="200";

param.cgi?cmd=getsession

Get active Session

(for guest user level)

  • token: Access token
  • validity: Token validity

Example

(needs guest login!)

GET: http://admin:instar@192.168.2.168/param.cgi?cmd=getsession

cmd="getsession";
token="9JAPJ6swdYlJfDG409LXQQe6OcetKtjGYT";
validity="1651566086";
response="200";
GET: http://192.168.2.168/param.cgi?cmd=getsession&user=admin&pwd=instar

cmd="getsession";
token="9JAPJ6swdYlJfDG409LXQQe6OcetKtjGYT";
validity="1651566086";
response="200";

param.cgi?cmd=gettokeninfo

Get all active Access Token

  • validity: Token validity
  • name: Token name
  • note: Token note
  • []: Token ID [0 - ∞]

Example

GET: http://admin:instar@192.168.2.168/param.cgi?cmd=gettokeninfo

cmd="gettokeninfo";
validity[1]="1651557518";
name[1]="session token";
note[1]="";
validity[2]="1651564834";
name[2]="default";
note[2]="";
response="200";
GET: http://192.168.2.168/param.cgi?cmd=gettokeninfo&user=admin&pwd=instar

cmd="gettokeninfo";
validity[1]="2147483647";
name[1]="instar-mqtt";
note[1]="Mqtt access token";
validity[2]="1651564834";
name[2]="default";
note[2]="";
response="200";

param.cgi?cmd=deltoken

Delete User Access Token

  • id: Deletes token with specified ID

Example

GET: http://admin:instar@192.168.2.168/param.cgi?cmd=deltoken&id=4

cmd="deltoken";
response="200";
GET: http://192.168.2.168/param.cgi?cmd=deltoken&id=2&user=admin&pwd=instar

cmd="deltoken";
response="200";

param.cgi?cmd=getsessioninfo

Get Session Info

  • validity: Shows expire time (Unix) of current session token

Example

GET: http://admin:instar@192.168.2.168/param.cgi?cmd=getsessioninfo

cmd="getsessioninfo";
validity="1651564834";
response="200";
GET: http://192.168.2.168/param.cgi?cmd=getsessioninfo&user=admin&pwd=instar

cmd="getsessioninfo";
validity="1651564834";
response="200";

param.cgi?cmd=getuserinfo

Get User Info

  • at_userid: Active user ID
  • at_username: Active user name
  • at_authlevel: Active user authentication level
  • at_enable: Active user active status
  • at_lancode: Active user webUI language code
  • at_authexpire: Active user authentication token expiration

Example

GET: http://admin:instar@192.168.2.168/param.cgi?cmd=getuserinfo

cmd="getuserinfo";
at_userid="1";
at_username="admin";
at_authlevel="212991";
at_enable="1";
at_lancode="de";
at_authexpire="4";
response="200";
GET: http://192.168.2.168/param.cgi?cmd=getuserinfo&user=admin&pwd=instar

cmd="getuserinfo";
at_userid="1";
at_username="admin";
at_authlevel="212991";
at_enable="1";
at_lancode="de";
at_authexpire="4";
response="200";

param.cgi?cmd=getadduserdata

Set up Password Recovery

  • at_userid: User ID [1 - 999] (use cmd=getuserattr to find your user ID)
  • at_mail: Recovery Email address
  • at_question: Recovery question
  • at_twofactor: Two-factor authencation enabled [0,1]
  • at_sec: Recovery question set [0,1]

When sending getsession or gettoken, the camera will check whether twofactor is enabled. If yes and there was no code generated, the camera will generate one and send it to the registered mail address. getsession / gettoken will then return 208 - MISSING_PARAM. By adding the twofactor code to getsession / gettoken as &factor=<...> it will go through. If a wrong code is added, 208 will be returned again.

Example

GET: http://admin:instar@192.168.2.168/param.cgi?cmd=getadduserdata

cmd="getadduserdata";
at_mail="me@email.com";
at_twofactor="0";
at_sec="0";
response="200";
GET: http://192.168.2.168/param.cgi?cmd=getadduserdata&user=admin&pwd=instar

cmd="getadduserdata";
at_mail="me@email.com";
at_twofactor="1";
at_sec="1";
response="200";
SET: http://admin:instar@192.168.2.168/param.cgi?cmd=setadduserdata&at_userid=1&at_mail=me@email.com&at_question="secretquestion"&at_answer="secretanswer"
cmd="setadduserdata";
response="200";

param.cgi?cmd=requestreset

Request a Password Recovery

  • at_username: Name of user account you want to recover
  • at_mail: Recovery Email address
  • at_answer: Recovery answer to question set with cmd=setadduserdata above
SET: http://admin:instar@192.168.2.168/param.cgi?cmd=requestreset&at_username=admin&at_mail=myemail
cmd="requestreset";
response="200";

An email will be send to the email address with an recovery code - if the user account exists and has the recovery email configured using cmd=setuserreset.

param.cgi?cmd=resetpassword

Reset your Password

  • at_username: Name of user account you want to recover
  • at_code: Recovery code from the recovery email received after using cmd=requestreset
  • at_password: Add the new password you want to use for the recovered account
SET: http://admin:instar@192.168.2.168/param.cgi?cmd=resetpassword&at_answer=myanswer&at_code=123&at_password=newpassword
cmd="resetpassword";
response="200";