I’m exploring the VRM API in Postman using the documentation provided by Victron.
Of course there’s the authorization endpoint auth/login.
Requires user/pass and returns a “token” and “idUser”. The token should be used in all subsequent calls together with other parameters like “idUser” or “idSite” (for which you first need to call another endpoint that requires “idUser”).
However, it’s also possible to use endpoint installations/{{idSite}}/system-overview (and others) with an API access token that you can generate in the VRM portal in Preferences → Integrations → Access tokens.
Using the API access token it seems you don’t need to first auth/login to be able to use the other endpoints.
However, many endpoints need the {{idSite}} part to be specified, but that one you can only get using auth/login.
Using the API access token is preferential over user/pass for security reasons, I think. One, for they can easily be revoked by an admin-user and you could assign/revoke different access tokens to different parties.
There is an endpoint users/{{idUser}}/get-site-id but that requires you to know the “installation_identifier” for which you need the endpoint users/{{idUser}}/installations for which you (indeed) need the “idUser” again.
So, if I want to use API-access tokens how do I get the “idUser” without using “user/pass” authorization?
Or, how do I get the “siteId” without the need for a “idUser” in the first place?