Rest API: 406 Unacceptable: Abacus API - rest

I am using Abacus API (Tool for EA) to get components.
Following is documentation of API:
GET /Components({EEID})/Properties
EEID: integer (int64) x ≥ 1
in path
EEID of the component whose properties to return
200 OK
CElementProperty
OK
type CElementProperty
401 Unauthorized
Bearer token is missing or expired (unauthorized)
The /components is working fine with Bearer Token as well as /create.
But when i hit above then I get 406 Unacceptable.
Postman generates following (Also tried on ARC and same):
Same errors for component/eeid/properties
I have removed all headers and then also get same issue (on host i get bad request)
What more can i do to verify this error?

Related

Hashicorp Vault: 400 Bad Request Accept header is missing

I have enabled jwt auth on my dev vault instance
vault auth enable jwt
Success! Enabled jwt auth method at: jwt/
However, when I try to configure the jwks_url for the jwt auth I get the following error
➜ vault write auth/jwt/config jwks_url="<jwks_url>"
Error writing data to auth/jwt/config: Error making API request.
URL: PUT http://127.0.0.1:8200/v1/auth/jwt/config
Code: 400. Errors:
* error checking jwks URL: fetching keys oidc: get keys failed: 400 Bad Request Accept header is missing
Any idea what might I be doing wrong?

Clio API v4 returns "User is forbidden from taking that action"

Clio API v4 returns ForbiddenError for every request.
For example this request works without problem:
GET /api/v2/users/who_am_i HTTP/1.1
Host: app.clio.com
Authorization: Bearer ***
And this request doesn't work:
GET /api/v4/users/who_am_i HTTP/1.1
Host: app.clio.com
Authorization: Bearer ***
This is the error returned with status 403:
{"error":{"type":"ForbiddenError","message":"User is forbidden from taking that action"}}
The same happens with any other request.
I was having the exact same problem. Here's a response from Clio, which resolved my issue.
We have recently made a change that requires all Bulk Action requests include bearer tokens in order to be successful. If you are making requests without including bearer tokens, they will fail.
Hope this helps.
I've found the solution.
The problem happened because the Bearer token has been received for application registered with APIv2 and/or in wrong domain (Europe instead of USA).
That means when I approved user I approved it against wrong application.

Getting HTTP 400 when requesting access token

I am trying link Actions on Google with a 3rd party service (non-Google). I am using Google Oauth 2.0 Playground to check if I am getting the auth code and the access token. I successfully received the auth code but when requesting the access token I am receiving the following result from the response.
HTTP/1.1 400 Bad Request
Content-length: 16
Content-type: text/plain
WWW-Authenticate
I am not sure when I am doing wrong here. What does WWW-Authenticate mean?
Thanks in advance.

Robot Framework api test with OAUTH2 Authorization Request Header

I am trying to use the RequestsLibrary on an api thats using the OAUTH2 authentication.
Authentication is via OAUTH2 with credentials being supplied to the /v1/authtoken endpoint.
Subsequent calls to the APÍ need to have the token included as a ‘bearer’ in the ‘Authorization’ header of the http requests.
So below is the test case. The error I am getting is:
401 != 200
The credentials work ok in jmeter and a list of accounts is returned. However, I am not able to get the RF script work. Any help will be appreciated.
In the script,
Log to Console ${accessToken} returns the access token: 8ETFXTZOWQLrgsMj7c_KuCEeypdj-eO1r...
Log to Console ${token} returns: Bearer 8ETFXTZOWQLrgsMj7c_KuCEeypdj-eO1r...
*** Test Cases ***
Get authToken
Create Session hook http://xxxx.azurewebsites.net verify=${True}
${data}= Create Dictionary grant_type=client_credentials client_id=yyy-zzzz client_secret=xxxxxxxxxxxxxxx
${headers}= Create Dictionary Content-Type=application/x-www-form-urlencoded
${resp}= post request hook /v1/authtoken data=${data} headers=${headers}
Should Be Equal As Strings ${resp.status_code} 200
Dictionary Should Contain Value ${resp.json()} bearer
${accessToken}= evaluate $resp.json().get("access_token")
Log to Console ${accessToken}
${Bearer}= Set Variable Bearer
${token}= catenate Bearer ${accessToken}
Log to Console ${token}
${headers}= Create Dictionary Authorization=${token}
${resp1}= get request hook /v1/integration/accounts headers=${headers}
Should Be Equal As Strings ${resp1.status_code} 200
#Log to Console ${resp1.json()}
I am using OAuth 2.0 authentication as well for my salesforce automation.
My first answer would be to skip client based authentication and switch to username/password based authentication
Get authToken by Password Authentication
RequestsLibrary.Create Session hook https://<url>/services/oauth2 verify=${True}
${data}= Create Dictionary grant_type=password client_id=1abc client_secret=2abc username=test#test.com password=keypass
${headers}= Create Dictionary Content-Type=application/x-www-form-urlencoded
${resp}= RequestsLibrary.Post Request hook /token data=${data} headers=${headers}
Should Be Equal As Strings ${resp.status_code} 200
${accessToken}= evaluate $resp.json().get("access_token")
Log to Console ${accessToken}
If you are using client based or web based authentication, there will be a login screen that will be used by the user to enter their username/password to authorise the app to send requests on its behalf. Have a look at these pages for more information as they primarily discuss about using either refresh tokens or skipping the user prompt altogether.
Why does Google OAuth2 re-ask user for permission when i send them to auth url again
https://salesforce.stackexchange.com/questions/785/authenticate-3rd-party-application-with-oauth2
I have added the new answer for this question.
RequestsLibrary.Create Session OA2 <Your Server URL> verify=${True}
${data}= Create Dictionary Token_Name=TestTokenname grant_type=<grant type> client_Id=<your Id> Client_Secret=<Your client secret> scope=<your scpe>
${headers}= Create Dictionary Content-Type=application/x-www-form-urlencoded
${resp}= RequestsLibrary.Post Request OA2 identity/connect/token data=${data} headers=${headers}
BuiltIn.Log To Console ${resp}
BuiltIn.Log To Console ${resp.status_code}
Should Be Equal As Strings ${resp.status_code} 200
Dictionary Should Contain Value ${resp.json()} Testtokenname
${accessToken}= evaluate $resp.json().get("access_token")
BuiltIn.Log to Console ${accessToken}
${token}= catenate Bearer ${accessToken}
BuiltIn.Log to Console ${token}
${headers1}= Create Dictionary Authorization=${token}
RequestsLibrary.Create Session GT <Your Server URL> verify=${True}
${resp}= RequestsLibrary.Get Request GT <Your API URL> headers=${headers1}
Should Be Equal As Strings ${resp.status_code} 200

Getting 401 unauthorized error in /requests endpoint of Uber API

I have tried using the /requests endpoint with my Uber developer account's owner and developer accounts, but I get this error:
401 unauthorized,
{
"message": "This endpoint requires at least one of the following scopes: request.delegate.tos_accept, request, request.delegate", "code": "unauthorized"
}
My HTTP call is as follows:
POST https://sandbox-api.uber.com/v1.2/requests
Headers:
Authorization: Bearer ACCESS_TOKEN_OF_MY_DEVELOPER_ACCOUNT
Accept-Language: en_US
Content-Type: application/json
Parameters:
{"start_latitude":"21.1741125","start_longitude":"72.8121804","end_latitude":"21.2048986","end_longitude":"72.8386455"}
Whereas I get proper response from /requests/estimate endpoint with the same access token, for the same location parameters.
Please help with this.
The problem is you have not requested the 'request' scope during the oauth authorization process.