REST API not working in Android

carmatana · May 21, 2024, 4:32pm

Hello,

I am on Android 1.27.3

I am trying to pause a folder, using temrminal (Termux)

I am doing:

as indicated in:

I tried this on my MAC and it worked, but I did not work in Android

Of course I am using the right api-key of syncthing Android (I got it from the App)

I am backing up my android Whatsapp (witha a “send-only” folder), and to not have all the day syncthing working I want to pause and resume it at certain times during the day

If I am able to make the API work my second problem is going to be how to execute that command at certain times, but I am not there yet.

gadget · May 22, 2024, 2:03am

For regular installs on Linux, macOS and Windows, HTTPS is disabled by default for Syncthing’s web UI. But for security reasons, on the Android app it’s enabled by default.

And because the SSL/TLS certificate is auto-generated and self-signed by Syncthing, it’s not going to pass verification.

So replace http with https and use the -k (--insecure) option for cURL, e.g.:

curl -k https://

Also, instead of redirecting errors into the digital black hole with 2>/dev/null, you can save some CPU cycles and bits with the -s (--silent) option.

Putting it altogether…

curl -s -k -X PATCH -H "X-API-Key: <apikey>" -d '{ "paused": true }' "https://127.0.0.1:8384/rest/config/folders/<folderid>"

carmatana · May 23, 2024, 2:33am

Thanks @gadget !!

I had found that disabling TLS make it works, but much better not to do that !!!

Thanks again !

Unrelated question: do you recomend to enabling TLS in other devices ? I have a Mac and a NAS and in both cases, as you mention, is disabled.

gadget · May 23, 2024, 8:24pm

The short answer is if you feel you want/need as much security as possible, feel free to enable it (some Syncthing users also replace the self-signed SSL/TLS cert with an officially signed one).

The TL;DR answer…

For better security, enabling HTTPS does help, but whether it’s recommended depends on the particular use case.

A phone user is more likely to be connected to open wireless access points that don’t isolate devices from each other, thus allowing an unauthorized user to connect to Syncthing’s web interface if the owner has decided to override the default of only listening on 127.0.0.1 (localhost).

Linux, macOS and Windows all have built-in firewalls that are enabled by default. As long as you don’t disable the firewall or punch a hole for Syncthing’s web interface so that you can access Syncthing’s web interface on your Mac and/or NAS from a different device, there’s only a tiny benefit to enabling HTTPS.

Likewise, on a home network it might not be necessary if you trust your network and users on it.

system · June 22, 2024, 8:24pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.