Sunday, 21 March 2021
  1 Replies
  545 Visits
I'm finding it quite difficult to get started with this! Am I correct in thinking that the "users" plugin that is mentioned in a number of places is one of the plugins found at (There isn't any mention of this in the documentation at

That plugin is now installed, along with com_api itself. As I understand it, the first thing I need to do is to obtain a token for a user so that subsequent requests can be validated. This appears to be done by a POST request to I am making a curl request with username and password as POST items:

curl -v -F 'username=testuser' -F 'password=********'

The TLS negotiation is successful, and HTTP2 is agreed. But the response is 500 (confirmed in access.log but nothing in error.log). The details provided from curl are:

* We are completely uploaded and fine
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* old SSL session ID is stale, removing
* Connection state changed (MAX_CONCURRENT_STREAMS == 100)!
< HTTP/2 500
< date: Sun, 21 Mar 2021 09:59:33 GMT
< server: Apache/2.4.38 (Debian)
< set-cookie: 0b9a87de0deaffd3e52fa173e9efdb8a=n15iq846d6ii9s5lp7led5kdte; path=/; HttpOnly
< content-length: 0
< content-type: text/html; charset=UTF-8

Presumably I don't need the cookie, which is not easy to handle with curl in a bash script. But obviously I don't get a token. I couldn't see any reference to a return of 500 in the documentation or the users plugin code.

How can I progress this please?