curl -s -u myuser:mypassword https://kryptedjamf.jamfcloud.com/JSSResource/vppaccountsThis provides an array of output that has the number of tokens in <size> and the id of each along with their name in <id> and <name> respectively, as follows
<?xml version="1.0" encoding="UTF-8"?><vpp_accounts><size>2</size><vpp_account><id>2</id><name>test</name></vpp_account><vpp_account><id>3</id><name>test2</name></vpp_account></vpp_accounts>Once you know the id of a token, you can pull a bunch of information about that token using the following command:
curl -s -u myuser:mypassword https://kryptedjamf.jamfcloud.com/JSSResource/vppaccounts/id/2The output would be as follows, with the expiration_date indicated:
<?xml version="1.0" encoding="UTF-8"?><vpp_account><id>2</id><name>test</name><contact/><service_token>xxxxxxxxxxyyyyyyyyyyyzzzzzzzzzaaaaaaaabbbbbbbbbbccccccc</service_token><account_name>krypted</account_name><expiration_date>2017/06/30</expiration_date><country>US</country><apple_id/><site><id>-1</id><name>None</name></site><populate_catalog_from_vpp_content>true</populate_catalog_from_vpp_content><notify_disassociation>true</notify_disassociation></vpp_account>Or to limit the output to just the expiration date of the token, we’ll use sed to constrain:
curl -s -u myuser:mypassword https://kryptedjamf.jamfcloud.com/JSSResource/vppaccounts/id/2 | sed -n -e 's/.*<expiration_date>\(.*\)<\/expiration_date>.*/\1/p'The output should just be a standard date, as follows:
2017/06/30You can then loop through the output of the vppaccounts, build an IFS array, and display the dates for each, listing sites that are about to expire. For anyone that has a lot of sites with individual tokens, this might come in handy. Enjoy. Hat tip: I thought I’d have to do this using a database query, but it turns out that the field where the stoken is stored contains encrypted data different than the initially encoded base64, which I showed how to decrypt at What’s Really In A VPP Token File from Apple’s VPP?. This is to keep that data private. Instead, hat tip to Christian Dooley, who figured out that this is actually available in the API instead, and therefore I didn’t have to hit the database directly to write this article.
krypted June 30th, 2016
Posted In: JAMF