I'm using Azure Media Services. I have an encoded asset placed there with Content Key and Asset Delivery Policy. I'm also using the Token restriction.
I am able to stream the video well on localhost but as soon as I deployed the application to the server it stopped streaming and giving an error code: 0x20500006 (of Azure Media Player).
When I checked all the requests I found that there is a request to Key Delivery service with some KID and it returned the following response:
<Error>
<Message>
Failed authorization policy evaluation.
</Message>
<Code>
Unauthorized
</Code>
</Error>
I am using the HTTPS protocol on the server also tried over HTTP as well but got no response.
I responded to your post on MSDN. Posting on here for visibility.
"There are different reasons for the unauthorized error. It may be due to one of the following reasons:
Missing authentication header.
Bad authentication header value.
-The token has expired.
-The token contains an invalid signature.
Policy misconfiguration
No token in the request
Please double check to make sure your token has not expired. Also, for the Media Services REST request to succeed, the calling user must be a Contributor or Owner role in the Media Services account it is trying to access. For more information, see this documentation about Access control."
Related
I struggle a bit to get Nextcloud to work with Google as SSO provider. I have URL target of the iPd is https://accounts.google.com/o/saml2/idp?idpid=xxxxxxx then I get
403. That’s an error.
Error: app_not_configured_for_user
So following the suggestion here, I changed the url to
https://accounts.google.com/accountchooser?continue=https://accounts.google.com/o/saml2/idp?idpid=xxxxxx
Which redirects me to the google account chooser, but then I get, after selecting my account
null. That’s an error.
Error parsing the request, No SAML message present in request That’s all we know.
Sometimes I am not asked for a user account, so then I get the following from Nextcloud
Account not provisioned.
Your account is not provisioned, access to this service is thus not possible.
What worked for me is to configure Google having these attribute mappings
While on Nextcloud I configure SAML as follows
I have configured our Azure Data Factory with a REST Link Service. I have obtained a valid token from the end service.
The token successfully works when using the token with POSTMAN, but the token returns Error status code 401 Unauthorized with Azure Data Factory.
As you can see with POSTMAN when I send a GET request with the Token I get data back:
However, with Azure Data Factory I get the error:
{
"errorCode": "2200",
"message": "Failure happened on 'Source' side. ErrorCode=RestCallFailedWithClientError,'Type=Microsoft.DataTransfer.Common.Shared.HybridDeliveryException,Message=Rest call failed with client error, status code 401 Unauthorized, please check your activity settings.\nRequest URL: https://pm2.preqinsolutions.com/apiCore/api/countries.\nResponse: ,Source=Microsoft.DataTransfer.ClientLibrary,'",
"failureType": "UserError",
"target": "Copy data1",
"details": []
}
The ADF Link Service is a follows:
Can someone see something obvioius that would prevent access due 401 Unauthorized status with ADF?
I have also tried the following ADF configuration. However, I'm getting the same error:
Please try changing the authHeader name to Authorization and the value to Bearer <your API key>. I suspect from the screenshot of Postman that is what it’s doing. If that does not work then please provide a link to the documentation. This explains Bearer tokens.
You might also check the lifetime of your access token and make sure it doesn’t expire after an hour, for example.
I did a quick test against a REST API I know (Power BI REST API). The linked service looks like this and the value for the Authorization header was Bearer MY_ACCESS_TOKEN_HERE.
The dataset looks like:
The source of the Copy activity looks like:
This succeeded.
I would suggest you contact pm2.preqinsolutions.com support to see if they can provide more information on your access token / API key and have them confirm that the API isn't restricted to be accessed from only certain allowed API addresses. (ADF will not be accessing it from an on-premises IP address like your laptop.) You might also change the REST API linked service to use a self-hosted integration runtime instead of an Azure integration runtime to validate the IP address the API is called from isn't the issue.
The Paypal API doesn't recognize my Client ID and Secret I got from https://developer.paypal.com/developer/applications/
I wanted to include a server side checkout according to this tutorial https://developer.paypal.com/docs/archive/checkout/how-to/server-integration/
When I do the request to https://api-m.paypal.com/v1/payments/payment I always get a 401 Error with the message "Authentication failed due to invalid authentication credentials or a missing Authorization header.".
I checked multiple times if my credentials were correctly included into the request. I also tested the endpoint in my server environment and as well via Postman.
I also tried the route https://api-m.sandbox.paypal.com/v1/oauth2/token to exchange my credentials with an access token and got the same problem.
I also tried to create multiple Sandbox and Live Accounts and always got the same error.
Has anyone an idea what the problem could be?
There are two separate issues here.
You first need to use /v1/oauth2/token to obtain an access token, and then use that access token to call any of the other actual APIs.
The credentials you obtain from PayPal Developer will be for either "Sandbox", or "Live". Make sure you choose the correct tab (sandbox, for development). Sandbox credentials will only work for api-m.sandbox.paypal.com , and Live credentials will only work for api-m.paypal.com . The two environments are completely separate.
If you still have issues, post the SANDBOX client ID and secret you are using, and the full request and response to the api-m.sandbox.paypal.com endpoint. There should be a PayPal-Debug-Id in any error response, in the headers if nowhere else.
Recently,I needed to access HUAWEI AppGallery Connect API
and create a product through the PMS API (server API). However, when Postman
was used for basic service interconnection tests,
the error message "403 client token authorization fail" was displayed.
how can i fix it?
Based on the error code included in your screen captures, the error was caused by an authentication failure.
To solve the problem, you first need to confirm that the client ID used for applying for the token has sufficient permission.
HMS official document suggested that the project associated with the API client be selected as N/A. You need to create an API client and associate it with a project. E.g. An app ID in the project was 100xxx591. However, the app ID in the Postman service request was 101xxx531, which would cause the authentication failure.
Also, to fix the above, you need to create an API client and selected N/A (indicating that all projects are supported), and use the client to request a token. The process should work well after this.
In general, if Huawei's 403 authentication failure occurs, you can verify the permission first, and then check the associated projects.
For more details about the PMS API, please refer to this link.
I'm trying to use an Office 365 organizational SharePoint site as a storage point through the SharePoint REST API for docx files generated in a Rails app. I've registered the app through https://<domain>.sharepoint.com/_layouts/15/appregnex.aspx and obtained a client_id and client_secret. Using https://<domain>.sharepoint.com/_layouts/15/appinv.aspx, I gave the app the following permissions:
<AppPermissionRequests AllowAppOnlyPolicy="true">
<AppPermissionRequest Scope="http://sharepoint/content/sitecollection" Right="FullControl" />
</AppPermissionRequests>
Using the oauth2 gem, I've so far managed to obtain an access token using client_credentials:
client = OAuth2::Client.new(<client_id>, <client_secret>, site: "https://<domain>.sharepoint.com", token_url: "https://login.windows.net/<tenant_id>/oauth2/token")
token = client.get_token(grant_type: "client_credentials", client_id: client.id, client_secret: client.secret, resource: "https://<domain>.sharepoint.com")
The client_credentials strategy seems to work, as a token is received. However, trying to use it results in failure.
token.get("/_api/web/title") returns OAuth2::Error: { "error_description" : "The server was unable to process the request due to an internal error. For more information about the error, either turn on IncludeExceptionDetailInFaults (either from ServiceBehaviorAttribute or from the <serviceDebug> configuration behavior) on the server in order to send the exception information back to the client, or turn on tracing as per the Microsoft .NET Framework SDK documentation and inspect the server trace logs." }
RestClient.get("https://<domain>.sharepoint.com/_api/web/title", { "Authorization" => token.token }) returns RestClient::Unauthorized: 401 Unauthorized
I'm pretty much at my wits' end over this, and I'm this close to telling my boss that if it can somehow be done, I'm simply not knowledgeable enough to do it.
The IncludeExceptionDetailInFaults is a wcf service setting in the endpoint applications web.config. If you have access to the server https://.sharepoint.com then you can turn that on momentarily. Basically, this will send the exception trace dump to the client in the response. By default, any 500 status errors will come back with no information except for ...ooops an error occurred.
I don't know how that server is configured or that much about SharePoint at all. However, the error could be anything imaginable and not even related to oauth. Unless you can get the server log or have it spit back the exception then you are going to be spinning your wheels.
Very likely you don't have sufficient permissions. Try with different scopes.