UFT Digital Lab Appium Testing with SSO and LDAP -> 401 Unauthorized

Hello-

I have UFT Digital Lab version 2023 running with LDAP and SSO and I'm trying to test with Appium but no matter the combination of tools/capabilities, I always get a 404 Unauthorized.

Here are the capabilities:
{
  "uftm:oauthClientId": "oauth2-HaokDr1MHILQyTrF@microfocus.com",
  "uftm:oauthClientSecret": "5RVXoQ0Db1ou3fv2X2i",
  "uftm:tenantId": "999999999",
  "appium:udid": "00008110-000958229192EEA1E",
  "browserName": "Safari",
  "platformName": "iOS",
  "appium:bundleId": "com.apple.Safari",
  "appium:automationName": "XCUITest"
}

I've tried with Appium Inspector and python (using the sample here).  I've combed thru the capabilities for UFT 2023and other forum posts without success.

When I download the Appium logs from the GUI they only show heartbeat type messages so this must be at the level before Appium would execute.

So, is it possible to authenticate with the Access Keys of type "Execution" on a server that has both LDAP and SSO enabled?  Where can I go to check out what is happening with this authentication error?

Thanks in advance!

  • 0  

    Hi Mathew,

    Yes, you can open Appium sessions while having LDAP or SSO enabled on your server. 
    Now, you're saying that you enabled both, LDAP and SSO. I think the tool shouldn't allow you to do this, but if somehow you managed to do this, then this could be the reason why it fails.
    Other than this, we might need to have the server logs to check further. 

    Regards,
    Alvaro

  • 0 in reply to   

    Hi Alvaro,

    Thanks for the response.  I'm not the administrator of this system so the LDAP configuration was an assumption on my part.  SSO is definitely enabled.

    Can you point me in the direction of the logs I should be looking at on the system to diagnose the 401 Unauthorized errors I'm seeing with the Appium interface?

    Thanks for your help!

  • 0   in reply to 

    Hi Matthew,

    Just before going to the logs, make sure that the execution access key is valid and correct. You may generate a new one just in case.
    From the set of capabilities provided, remove the one below
    "appium:bundleId": "com.apple.Safari" 

    It isn't needed since you're using browserName.

    If your UFT M/DL user is an admin, you can download the server logs through the question mark on the top-right of the page > Collect Logs.
    I'd suggest opening a Support case for help analyzing the logs. I'd be particularly interested in the service.log and security.log.

    You may also right-click the Appium Inspector interface > Inspect, to open the developer tools. Then go to the Network tab and try to open the session. You'll then see a "session" call. You can use the Response Header > correlationId to search in all logs and find all the messages related to that.

    Regards,
    Alvaro

  • 0 in reply to   

    Hi Alvaro,

    I went back and tried a new access key which didn't work right away, but then started working after some time (maybe a hour).  It seems there may be some delay on my servers as all the generated keys are working now.

    I removed that capability for the bundleId and was able to use Appium Inspector with success.  Also thanks for the tip on getting the session to correlate with the logs.

    When I'm able to get in contact with the server administrator I will see about getting those logs and analyzing what was going on with access.  I will open a support case if needed.

    I appreciate your help but I'm working well now.  Thanks again!

    -Matt

  • 0   in reply to 

    No problem, Matthew. Thanks for sharing your findings.
    It really sounds like a time issue on the server side. That could explain this behavior. I'd advise you to get in touch with the admin so he can check this out.

    Alvaro