Author: Oliver F4BWG

Posted on

Brandmeister back-end upgrade requires your API keys to be re-generated

If you are using Brandmeister’s API keys for your applications, please read this article carefully.

Over the weekend, the Brandmeister administrators performed a significant upgrade to the backend servers and databases. This upgrade included bolstering the security of the platform, and as a consequence the existing API keys have been invalidated and need to be regenerated.

If you presently employ API keys within your Brandmeister configuration (for pistar, openspot, custom programming, etc.), you may encounter a “401 – Unauthorized” error message. To resolve this issue, kindly follow the instructions provided in this article https://news.brandmeister.network/introducing-user-api-keys/ to generate new API keys for your application. We apologize for any inconvenience this may cause.

Best 73’s from the Brandmeister Admin Team.

Posted on

Austria Master (2321) scheduled IP change

As indicated on the Austria Brandmeister DMR Blog, we have been recently notified that the location where the current 2321 master is hosted will close, forcing us to setup a new master 2322 in a new data-center.

Austria’s new Master 2322 is already up and running with the IP address 62.171.130.35 and the existing Master 2321 will be deprovisionned on May 13th, 2023.

All repeater sysops connected to 2321 have already been contacted and the transition is expected to generate little to no impact.

Posted on

Denmark Master (2381) scheduled IP change

Due to an incompatibility between the hosting provider’s hypervisor and the upcoming version of Brandmeister DMR, the Denmark Brandmeister Master server is changing its IP address and ID.

If you have a repeater, hotspot or other node connected to the 2381 master, please update your configuration with the information below:

Master Server ID: 2382 IP Address: 185.51.76.16

The new master server is already fully functional. The current master (2381 at 85.90.246.225) will be discontinued on July 1st, 2023.

Posted on

Improvements to the AirSecurity feature

The Brandmeister DMR development team has made improvements to the Airsecurity feature! The repeater and area scopes are now available. For extra convenience, a Secure Local Pass option allows to bypass the AirSecurity authorization from your personal password-protected hotspots.

What is AirSecurity for?

As most of you already know, Brandmeister DMR only accepts transmissions from DMR IDs that are registered and active in the RadioID database.  However, there is a possibility that someone may inadvertently configure their radio with your personal DMR ID, causing their transmissions to appear as originating from you on the Brandmeister DMR network. This can be avoided by utilizing the AirSecurity feature.

How does it work?

Once AirSecurity is activated for your callsign, any over-the-air transmission from one of your DMR ID will need to be pre-authorized by sending a one-time code via private call. The authorization will be valid for a pre-determined time period, and can be restricted to a single repeater, to a group of repeaters, or to all repeaters connected to a particular master server. If a transmission is made over the air without authorization, the message “Access denied” will be played back by the Brandmeister network.

How to enable and configure AirSecurity?

Login to the Brandmeister dashboard, and open your selfcare page. Click on AirSecurity / TOTP.

A set of options will appear:

  • When AirSecurity/TOTP is set to ON, the feature is active for your callsign
  • When Secure Local Pass is set to ON, transmissions from your personal hotspot (for which the first 7-digits matches your DMR ID) will be allowed without authorization
  • Choose the scope of AirSecurity protection
    • Repeater : only the repeater from which you are sending the authorization code will accept transmissions from your DMR ID
    • Area : this option is currently under development. It will allow to authorize a group of repeaters.
    • Master: only repeaters connected to the master you select will accept transmissions from your DMD ID. Choosing this option will allow you to provide authorization from your web browser in Selfcare, in addition to the TOTP private call method.

Once you have made your scope choice, scan the QR code using any TOTP authenticator application, enter the current code in the “QR Code Verification” field, and click the Save button.

How to use AirSecurity?

When the AirSecurity feature is enabled on your Selfcare account:

  • Open your TOTP application and look at the current 6-digit code
  • Using a radio programmed with your DMR ID make a private call to 9 + followed by the 6 digits code. (for example, if the current TOTP code is 123123, then make a private call to the contact ID 9123123). A short PTT is enough.
  • From that point on, you can transmit with your ID, within the scope you have chosen (repeater or master)

If you have enabled both “AirSecurity” and “Secure Local Pass”, you can make calls with your DMR ID from your personal hotspot without having to enter the TOTP code. The first 7 digits of the hotspot ID must match your Radio ID.

If you selected a scope of Master, an additional method of authorization is available: by pressing the “Enable PTT Now” in your Selfcare. This method also comes with a choice of different time periods for the duration of the authorization:

Posted on

Friendly reminder to avoid using frequencies allocated to Amateur Satellite Service

The Brandmeister Support Team frequently receives requests to prevent routing traffic to devices operating within the portion of spectrum allocated by all three ITU regions for Amateur Satellite Service. This is due to QRM caused by DMR signals on these frequencies.

While the Brandmeister DMR development team is not currently considering restricting traffic based on device frequency, we strongly advise setting your DMR hotspot or repeater frequency outside of the 145.8-146.0 or 435-438 MHz segments. It’s crucial to note that even low-power transmissions can cause interference when a satellite passes overhead and has a clear line of sight to the device’s antennas.

Thank you!

Posted on

BrandMeister User API keys

This article was originally published on 03/2018 and has been updated on 08/2022 to add key versions.

What are users API keys ?

Any BrandMeister user can generate an API key. A key is a long string of characters that is unique to a Brandmeister user account. This digital key allows a third-party application to read and update the data on the corresponding Brandmeister Account (such as your list of hotspots, repeaters, your static talkgroups, etc.).

API keys were first introduced in Brandmeister in 2018, as API v1. In August 2022, developers improved the API features and created API v2, which changed the keys format. API keys created after 2022/08/19 are in v2 format. Keys created prior to this date are in v1 format.

Will API v1 be retired?

To ensure a smooth transition, API v1 keys created prior to 2022/08/19 will still be working for several months. They are no longer visible in the user’s self-care account, but they are still active.

While there is no set date for retiring API v1, we strongly encourage everyone to upgrade their keys to API v2 as soon as possible.

What does an API key look like?

An API v1 key is a 128-character string. For example:

MWaztB3EcHWBEW@D$2gb89Y2kvvE4leSr.33Gey74d0IYVSKU58YGMSFmPHD.Q1fECUkIcj7E4leSr.33Getkjshdf987ywe2irligr908SFIdlsfkj08934sasdlveg

The most recent API v2 key is a longer character string known as a JSON Web Token. For example:

jh7KJSAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJhdWQiOiIxIiwianRpIjoiOWVjYjBhODRmYTAwODdkNjQ2YmNmNWJlMGJjMGEyZDQ0YmUxNGFkNDllNmM5OWNhM2NkNTcyNjViOGNjYjJmN2ZlNThlYzI1MjNhZWM2YTQiLCJpYXQiOjE2NjA5MzI0NjIuMDI5NzEyLCJuYmYiOjE2NjA5MzI0NjIuMDI5NzE1LCJleHAiOjQ4MTY2MDYwNjIuMDA3OTIyLCJzdWIiOiIxOTIiLCJzY29wZXMiOltdfQ.PnoQ3LkPeuV1TW1Hggn-D7Lloq3TRIB0bHEXTC3Ck1zXDqJRXvjf74sSJ01RSCDCOEAzyDW8eYDjguswGOjMmJ3Lp0IPAcSU7yZY3cjz7NNuFbiqllyV_jXYoBybU-FzSEuoEl3Nx6kbO6iNb_IoDrdloRxVtEDsQJ8Q27FouzMcf3lSxriwmC3tVv2V5phqzJlT-DyL0QLgZaRyDnRdxJtq6yLW5EPUAK6uAHRANCs_wbeSAKVZmqC6ycLJ0ZfIvbUBr7312HP8u2kInh1vcpnNczWyoc7FsjcZjBYrMskt7zRds051a_KqoP8uzUUSS9ZZSxrd_KDozUQ6CiWSB7nCc96B4KLY4CCpJq50I1RSnxrg4Pamj8b8abdO6O5yGakUDrp0t1jMONhOb_B9SlyNgy55SxY2ZC0Q9h3MNC1fxw_rKd73wWjD1SWsW2SI1iaAZA6ewLbn5xPpHvUlVtNri0ZO2oPfdn_1nRImCAwlYKt4LbUKmAFp-vgshMknVlVwutDNQ815y9M3F994Za_OghmAylUaWDextUh6Kx4eYAZuNnB6OphDwS08dWUZOe7MEMBH1OM2Sw_GbbjGPiS82pUDqPZzkfjs5ghFS1CfAu1BB8Teh0wgLqevWaN7VLJWOSSgl9-IOAdSSphmH0yprWbuZHPNyWq1HDY_eEI

Why using an API key?

You can enter your API key in a third-party software or hardware appliance to read and manage the information within your Brandmeister account (including repeaters, hotspots, talkgroups configuration, etc.).  Using an API key allows you to keep your SelfCare username and password confidential and to have granular control over each key you provide to others.

The API key is completely unrelated to your SelfCare password. If you change your SelfCare password, the keys you have generated are still valid.

At any time you can Revoke a key, and any person or application with this key will no longer be able to access the information and features of your Brandmeister account.

How to generate and revoke my user API keys?

To generate an API key, follow these steps:

  • Login to your BrandMeister SelfCare account using a web browser, and authenticate using your callsign and password.

BrandMeister SelfCare Login Page

  • Click on your callsign or avatar at the top of the screen, and select “Profile Settings”

BrandMeister SelfCare CallSign Profile Settings

  • Click on the “API Keys” button in the Security Settings section

BrandMeister SelfCare Security Settings API Keys

  • This is where your existing keys (if any) will be displayed. Click “Add” to create a new key.

BrandMeister SelfCare add API key

  • Provide a name for your API key.
    You can create as many keys as you’d like. It is therefore recommended to generate one key per application you will use, and name the key accordingly. The name has no impact on the key, it is just a label utilized in the SelfCare to help you remember which key is which.

  • The next screen will display the API key. If you are using a mobile app, chances are that you can just take a photo of the key within the app and you are done. Otherwise you may copy/paste the key into the application directly.

This is the only time the key code and barcode will be visible. Once you click “OK” only the key name will be available in your list. There is no need to keep a copy of your key somewhere, considering that you can always revoke and generate a new key.

BE EXTREMELY CAREFUL TO WHOM YOU GIVE YOUR KEY TO, AND WHERE YOU SAVE YOUR KEY.  THE KEYS ALLOW A COMPLETE AND FULL ACCESS TO ALL THE FEATURES OF YOUR PERSONAL SELF-CARE. THIS INCLUDES REPEATER/MASTER SYSOP FUNCTIONS!

  • After clicking “OK” you will be sent back to the list of API keys, with the ability to revoke a key if needed.

Why not just provide my SelfCare account credentials?

Your password is confidential and should never be given to others. Providing a separate key to each third-party allow you better control: if you provided your account password, each time you want to change the password you will have to go back to each third party to update it. With the API keys, you can change your SelfCare account password or revoke a key without affecting all other keys you have already provided.

Are there any existing applications using user API keys?

There are currently three developers we have worked with to develop the first applications leveraging user API keys:

Pi-Star (MW0MWZ)

Pi-Star is a custom, pre-configured SD Card image for the Raspberry Pi, built on Raspbian Linux. It includes software stacks by G4KLX, MMDVMHost / DStarRepeater, and associated tools & programs.

Its built-in dashboard now includes the ability to make changes to users’ BrandMeister configuration, by leveraging the use of APIs.

Documentation

Repeater Reader (DO1JG)

Repeater Reader is a small JAVA program that creates visibility and management options for the selected repeater or hotspot. It will also get support for controlling the repeater through APIs.

The BrandMeister team wishes to thank all application developers for making all of this happen!

Posted on

Major Code Upgrade on August 19th – Please read carefully

Brandmeister’s developers will be rolling out a major code upgrade in the upcoming days. Please read below to learn about the impact of this upgrade.

User registrations, passwords, and activations

New user registrations, password changes/resets, and accounts activations will be paused the entire day of August 19th 2022.

API functions and keys

Current API (v1) will be upgraded to a new v2. The API keys format is evolving and is not backward compatible. Read more on user API keys here: https://news.brandmeister.network/introducing-user-api-keys/

On August 19th, 2022, old API v1 keys will no longer be showing up on the Selfcare Profile screen. New keys that you add using the “+ Add Key” button will be in API v2 format.

It is therefore normal to see an empty list of API keys in your Selfcare Profile screen after August 19th, 2022.

While you won’t be able to add API v1 keys anymore, your existing ones will continue to work on hotspots for managing static talkgroups and such, but will be retired within a few months. We encourage you to migrate your API keys to the new version as soon as possible. The latest version of Pi-Star is already API v2 compatible. For other devices, please contact the manufacturer to inquire about compatibility.

Why are we upgrading the code?

Simply put, the current code base is reaching its limit and is hindering our ability to build new features.

  • Once in production, the upgraded functions will allow faster response time on the dashboard and other intrinsic features.
  • The new code architecture also provides improved ways of adding features and therefore allows faster growth for Brandmeister.
  • Last but not least, the new APIs bring more functions and added flexibility for developers to build software and hardware working with the Brandmeister DMR Network.

This article will be updated with any frequent questions we might receive.

Posted on

Repeaters static talkgroups are now replicated throughout Brandmeister master servers

Up until now, the static and time-static talkgroups configured for a repeater were saved on the master the repeater is connected to at the time of the configuration. When a repeater was moved to a different Brandmeister master server, the static talkgroups had to be re-defined so it could be saved onto the local database of the new master server.

This behavior has now changed. When configured in the self-care, static and timed-static talkgroups subscriptions are now replicated throughout all Brandmeister master servers. This means the static talkgroups will stay the same no matter which master server a repeater is moved to.

This is an added improvement to the “decentralized” architecture of Brandmeister. If all Brandmeister back-end infrastructure were to fail, masters can continue to work standalone.

Posted on

Brandmeister DMR 2021 : A year-in-review

2021 has been a great year at Brandmeister DMR. The development team once again spoiled the DMR Amateur Radio community with many great features. Let’s review the most significant ones:

A new hoseline on steroids – QSOs on Brandmeister DMR talkgroups can be heard using a web browser on virtually any device, using the brand new Hoseline with improved audio, volume normalizing, multiple talkgroups listening, instant play, and many other features described in detail in this article.

Enhanced repeaters coverage plots – The coverage plots are more precise than they used to, and are updated minutes after making a change in repeater’s data.

Users and Repeaters Self Service– The days of the default “passw0rd” for hotspots and repeaters are over. The registration process on Brandmeister ensures that ham’s IDs are protected, and the traffic is not disturbed by rogue devices or gateways. Most new users are now automagically approved, and it only takes 5 minutes now for a new repeater to become available and manageable on Brandmeister DMR! Thanks to the collaboration of Brandmeister and RadioID developers, the repeater data is imported in Brandmeister, and sysop rights are automatically added. No need to ask and wait for this to be done manually!

A faster dashboard – The dashboard is now responsive, repeater owners can set passwords on their own, hotspot and repeaters list display twice as fast as they used to, and the last-heard is faster than it has ever been!

Brandmeister Core updates – the core Brandmeister software has seen 48 updates in 2021, bringing lots of performance improvements as well as amazing new features such as the Asterisk’s AudioSocket protocol, TextCapture, and the optimization of Wires-X bridging.

We recognize that all these improvements would not have been possible without:

  • The time and devotion of the developpers involved in the many aspects of Brandmeister
  • Hams contributing their time to testing and reporting issues to the development team
  • Master administrators maintaining, troubleshooting, and updating the servers that make Brandmeister accessible to ham radio operators worldwide
  • Support teams spending countless hours helping fellow ham operators
  • User’s donations
  • Users providing computing ressources and hosting

We have more to come for 2022 … so stay tuned, and Happy New Year!