i create a DB2 service in IBM cloud and i read that i can access at my db via REST.
so, i try to connect using this:
curl -k -X POST 'https://MY_DB_URL/dbapi/v4/auth/tokens'
-d '{"userid":"MY_SERVICE_USER", "password":"MY_SERVICE_PASSWORD"}'
and the response is always:
{"trace":"TRACE_CODE","errors":
[{
"code":"invalid_parameters",
"message":"HWCSEC0012E: The credential is invalid! For regular credentials, both the user name and password are required. For IAM API key or token credentials, they mustn't be empty.",
"target":{"type":"","name":""},
"more_info":""
}]
}
i really don't know how to solve that.
docs:
https://cloud.ibm.com/apidocs/db2-on-cloud#request-a-new-access-token
https://developer.ibm.com/static/site-id/85/api/db2whc/
i solve. they want in header
{Content-Type: text/plain}
it's not make sense, the body is a json...
Related
I have to create two rest services via keycloak.
The first one sends a verification code to a phone number. The second one grant a token to a user if the verification code is correct for a given phone number.
I have created a module with a custom SPI following the guide in https://github.com/FX-HAO/keycloak-phone-authenticator. The provider can be found. I have also created the Direct grant flow copy and made it the default direct grant flow for the realm.
I can send the verification code with a request to http://{host}//auth/realms/{my_realm}/{my_provider}/send_sms
However, I cannot get the token using the following request:
curl -X POST http://{host}/auth/realms/{my realm}/protocol/openid-connect/token
-H 'authorization: Basic {my keycloak admin username and password}'
-H 'content-type: application/x-www-form-urlencoded' -d 'grant_type=password&phone_number={phone number}&code={code}'
I keep getting the invalid_client_credentials error and it seems that my provider is not called because there is nothing in its logs.
What am I doing wrong?
As #sventorben said, the problem was in specifying wrong credentials for the client
Currently, I can able to connect with strophe by giving jid and password in Angular project. But by giving jid and password is not safe. Instead of giving jid and password, is there any other way like JWT simple authentication? Ejabberd is hosted in local system with Windows OS.
I am looking for token based login.
this._xmppConnection = new Strophe.Connection("http://localhost:5280/bosh/", { 'keepalive': true });
this._xmppConnection.connect(jid, password, this._onConnect);
// working one
I am looking for connecting strophe using JWT token. Is there such support in ejabberd?
#sahal You can achieve that using other mediums of authentication eg. OAuth token
Generate OAuth token for user using ejabberd api.
endpoint: /api/oauth_issue_token
sample: curl -H "X-Admin: true" -X POST -u admin_jid:pass -d '{"jid": "user_jid", "ttl": 3600, "scopes": "connected_users_number;sasl_auth"}' http://ip:port/api/oauth_issue_token
While creating strophe instance pass option mechanisms as [Strophe.SASLXOAuth2]
While connecting replace password with your oauth token eg. connection.connect(jid, ejabberd_oauth_token)
I want to play with the IBM Watson Speech to Text Service. How do I get the IAM apikey and the IAM url.
On show credentials, I get this -
{
"apikey": "###########",
"iam_apikey_description": "Auto generated apikey during resource-key operation for Instance - #######",
"iam_apikey_name": "######",
"iam_role_crn": "######",
"iam_serviceid_crn": "######",
"url": "https://gateway-syd.watsonplatform.net/speech-to-text/api"
}
If you are using the API docs to code in a programming language like Node.JS -
Your apikey in the credentials is the IAM_apikey and url is the URL in your credentials.
If you are planning to use curl, you can generate an access token using the apikey and url following the instructions here
You can also use the same "basic" authorization to try out any Watson service in Curl:
curl -u "apikey:{apikey}" "{url}/{method}"
replace {apikey} with the ### value you see and replace {url} with that value.
For example,
curl -X GET -u "apikey:"###########" "https://stream.watsonplatform.net/speech-to-text/api/v1/models"
See https://cloud.ibm.com/apidocs/speech-to-text#authentication
I, basically, have two related questions.
In my case, I have a global Mongo authentication as admin with the password pass. I implemented my BCryptAuth as described in this answer, so I can create users without any authentication like this:
curl -d 'username="barack"' -d 'password="obama"' http://0.0.0.0:5000/users/?pretty
Then, I can access my api using my Mongo authentication like this:
curl -u admin:pass http://0.0.0.0:5000/users/?pretty
But I cannot use any of my new user's credentials to get any data. So, the request
curl -u barack:obama http://0.0.0.0:5000/users/?pretty
does not work. I always get 401:
{
"_status": "ERR",
"_error": {
"code": 401,
"message": "Please provide proper credentials"
}
}
In this example, after implementing basic authentication, the request is the following:
curl -H "Authorization: Basic YWRtaW46c2VjcmV0" -i http://example.com
It is not clear for me what the token after the Basic keyword is. I also tried to use this format in my case, but nothing works.
So, the first question is, what must be the format of the request as the barack user with the password obama for the BasicAuth?
Also, I am trying to implement the TokenAuth. Then the second question is, what is the format of the request with the token?
I could not find any clear information about this.
UPDATE
Thanks to #gcw, I figured out how to make the request using the Authorization header.
Couple of remarks:
The Base64 decoding on linux is done with echo '<base64encodedstring>' | base64 -d. The -D is the macos option.
The Base64 encoding is done with: echo -n '<string>' | base64. The -n is important - it drops the new line character, which is by default included in the <string>.
But I still was not able to use my newly created users to login to the api.
The Authorization header must have the admin:pass information in base64 format. If you check the contents of YWRtaW46c2VjcmV0 by decoding it with echo "YWRtaW46c2VjcmV0" | base64 -D you can see that it is admin:secret. Try to use your credentials in base64 format to see if that works. Also, you can generate the Authorization header using Postman Basic Auth tab.
About using the TokenAuth, you can use Bearer instead of Basic to pass your token in base64 format. This answer here explains some details about different HTTP authentication methods.
I am following this doc for reference.
I am able to get information for secure gateway, which is already created. But when I am trying to create a new secure gateway from the REST API, it is asking for authentication. I have tried to provide the authentication information two ways:
I have provided the oauth authorization header obtained from the cf oauth-token, but it gives me an unauthorized error.
I have given basic authentication (username and password of the Bluemix account) information, but it gives me an unauthorized error.
Note: I am using postman for this operation
Postman details:
url: https://sgmanager.au-syd.bluemix.net/v1/sgconfig?org_id=girishxxxxxxx#gmail.com&space_id=Equxxxxx
It is also saying "Invalid org_id", but the org_id is valid.
To create a gateway via the SG API, your request will need the query parameters ord_id and space_id (the guids, not the friendly names). The authorization header will be Basic <your_base64_encoded_username:password> or Bearer <bluemix_token>. For example:
curl "https://sgmanager.au-syd.bluemix.net/v1/sgconfig?org_id=myOrgGuid&space_id=mySpaceGuid" -H "Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ=" -d '{"desc":"My Gateway"}'