Seattle 10
Chilkat
migrating sharefile api from V1 to V3.
Registered for API key and received credentials.
Code is successful in receiving authorization code and immediately after when sending a get request with header containing authorization code to receive list of items in a file using
GET','/sf/v3/Items('folderid)?$expand=Children&$select=Id,Name,Children,Children/Id,Children/Name',sbResponseBody)
I get a 401 error unauthorized. cannot find any help on the sharefile site.
response: Response Status Code = 401Response Header:Response Body:{"code":"Unauthorized","message":{"lang":"en-US","value":"[AUTH] Invalid Authentication"},"reason":"NotAuthenticated"}
response3:
Sorry for being verbose. Any help will be appreciated.
I'm posting the answer to my question in case somebody has a similar issue as mine.
My issue was that I was adding the word "Bearer" to the auth id which is returned by the http request while using that auth id to download my item from sharefile.
Unlike with some others I did not have to add the word bearer to the Oauthid as the http header did it for me.
Related
From yesterday I am facing this error code 401 while accessing token from server using this API: https://oauth-login.cloud.huawei.com/oauth2/v3/token
Just for your information I am using Postman. Can anybody help me with this.
Error 401 usually means “unauthorized” or “request denied” because a request lacks valid credential. Although this error code is not listed in Account Kit server api, a developer can find it in other kit document - https://developer.huawei.com/consumer/en/doc/development/HMSCore-References-V5/webapi-error-code-0000001050163432-V5. Basically, a developer need to make sure that their API key and/or token is valid.
while using huawei auth service if error code 401 returned it means access token becomes invalid and we need to obtain a new token. Token Validity is 60 mins.
I am trying to access the new account API (Not the Admin) in keycloak 4.8.3 . I am trying to do :
GET "/auth/realms/{realm}/account/credentials/password" endpoint (Based on the AccountRestServiceTest.java)
with the account owner's token. Getting a 404 error.
I have started the sever with preview features
bin/standalone.bat -Dkeycloak.profile=preview
I have tried to add profile.properites file with profile=preview options
and the user has "manage-account","view-profile" account roles
What am i doing wrong here?
I'm facing the same problem and i found a solution.
You need to add the HTTP header Accept with the value application/json to your request.
Because AccountRestService is only accessible if headers Accept or Content-Type are application/json.
I am trying to make connection to Azure VSTS with SOAPui through vsts rest api's, but the response I am getting is: HTTP/1.1 203 Non-Authoritative information
Though when I hit the same request from POSTMAN it's giving successful response for every operation(Get, Post, Delete).
As I have a framework for API automation in SOAPUI I need to have this connection to post the test results in VSTS against respective test case.
Any idea how to resolve this would be much appreciated!!
Thanks
This is due to the incorrect authentication headers (Authorization header) that you send in the request. I have experienced this issue when you are trying to send empty username in SoapUI - Basic Authorization tab.
This can be handled by generating the header offline (using some online utilities - https://www.blitter.se/utils/basic-authentication-header-generator/) and sending in a separate header like below,
Authorization: Basic Onl1eWl1eWl5aXlpeWl5aXk=
Hope this helps.
It seems an HTTP response of 403 is accepted as the norm and correct handling of any calls made to a resource or endpoint that does not exist on an API Gateway setup (this post).
Example: a call to a non-existing endpoint on my Gateway would be;
GET -- https://{{MyGatewayDomain}}/api/v1/blah
This would return a 403 forbidden. Which can be rather confusing and misleading.
I'd like to know if anyone has managed to configure their API Gateway so that any call to a non-existing endpoint / resource, returns what I would have thought is a correct response of a 404?
Thanks in advance.
EDIT
As per bejos-aws's suggestion, I am able to override the default behaviour of the 403 Missing Authentication Token however, this will not solve my issue as then all the valid 403 errors would return a 404 response which is incorrect.
Also, my issue is regarding a 403 forbidden which doesn't exist in the default responses in the AWS Gateway Response's list (and even if it did, that wouldn't help).
Seems this is just not possible?
This is not currently a feature of API Gateway. However, there is a workaround. Using Gateway Responses, you can override the 403 Missing Authentication Token response with a 404 and supply whatever message you want as a response.
Note, this only works when the API stage is valid:
So if your API is deployed to a stage named v1
https://{MyGatewayDomain}/api/v1/somepath
And the caller supplies the wrong stage
https://{MyGatewayDomain}/api/invalidStage/somepath
Then the API will still respond with 403 Forbidden
As I am new to working on OAuth and from Curl script it's working fine . But trying to call from Advances Rest Client getting 500 internal server error ..
while trying to create a new client from Rest client as,
http://localhost:2021/oauth_uri?client_id=unique_client_id&client_secret=client_secret_value&scope[]=clients.admin&authorized_grant_types[]=password&authorized_grant_types[]=authorization_code&authorized_grant_types[]=refresh_token&authorized_grant_types[]=client_credentials&authorized_grant_types[]=implicit&access_token_validity=900&refresh_token_validity=2592000
,Content-Type: application/json and
Authorization: Bearer Access_Token value
Any help will be appreciated
Have you checked what is the code that gets generated from REST Client. You can do that by exporting it. Also give a try to POSTMAN incase you still can'r figure out the issue.