Highlighted
Roger Hansson Valued Contributor.
Valued Contributor.
227 views

REST error User Application 4.7.2 Is able to get access_token but not a successfull Rest API call

Jump to solution

 

I follow REST API Documentation (below) and successfully and I get a access_token

Determine where your authorization server is listening for logins. Usually it is the server base url + /osp/a/idm/auth/oauth2/grant.
Obtain OSP client userid and password. Out of the box, client id is rbpm and password as set by your system administrator during install.
Obtain a userid and password of a user who has the required privilege for the API you wish to call.
Create a REST POST request with the following characteristics:
content-type header: application/x-www-form-urlencoded
authorization header: Basic Auth format using client userid/password from step 2 above
body: \"grant_type=password&username=USERID&password=PASSWORD\", where USERID and PASSWORD are from step 3 above
The JSON response comes back like this:{\n \"access_token\": \"eHwAIIo/s5YRJUlk7vudjO3DQSHcwsubZOe...\",\n \"token_type\": \"bearer\",\n \"expires_in\": 2592001,\n \"refresh_token\": \"eHwAIMImaydGbAamBgNA1CEGcFjCXNcaqM4OA...\"\n}\n

This below results in error 404:

Sample Rest API call:
Consider a POST request for creating a new Navigation item in Applications page.

1) Setting Authorization header
Access token generated by following the above mentioned steps is used in the API call as follows :

Authorization header : Bearer [space] [Access Token]

2) Request method: POST
3) Request URL: [host url]/rest/access/ulp/items
4) Content-type: application/json
5) Payload
{ "items":[ { "name":"Microfocus", "desc":"Microfocus Link", "appUrl":"http://www.microfocus.com", "idmdashAppUrl":"http://www.microfocus.com", "itemOrder":11, "image":"", "idmdashImage":"", "itemCategoryId":1 } ] }

Like this:

POST https://MY_SERVER_DNS:8543/IDMProv/rest/access/ulp/items

Authorization Header:  Bearer eH8AIOhLw0QRslPNMDf56FBMUM8ye4aeyiZN7/43ZeO2KT9yBCe7ZS4XKwp4OFa9lL7xLxzb6c4P7LiAtvD8LL@C9cHBMDku1XL3@F0lpAKeR6ngRpF43uHdWpaiLgp6GmS1l74O7tf9/2DisHHZoUyCSi55SNzu4CpU9RfZ96lZTLv5cl3ju5cT3sCRtDSCK36xOQ5iwtISG48euLN6GUcY3/rlBf6fJdfxa0RUcaKactZb

Payload/Body  Content-type: application/json:  {"items":[{"name":"Microfocus","desc":"Microfocus Link","appUrl":"http://www.microfocus.com","idmdashAppUrl":"http://www.microfocus.com","itemOrder":11,"image":"","idmdashImage":"","itemCategoryId":1}]}

Response: HTTP/1.1 404
Content-Length: 0
Date: Sat, 17 Aug 2019 10:08:42 GMT 

I get no errors in catalina.out

Any ideas?

Labels (1)
0 Likes
1 Solution
9 Replies
Satz Respected Contributor.
Respected Contributor.

Re: REST error User Application 4.7.2 Is able to get access_token but not a successfull Rest API cal

Jump to solution

Only POST Method is not working ?

 

0 Likes
Roger Hansson Valued Contributor.
Valued Contributor.

Re: REST error User Application 4.7.2 Is able to get access_token but not a successfull Rest API cal

Jump to solution

No, I have tested GET /access/requests/history, (https://server:port/rest/access/requests/history). And GET /users/userDefaults (https://server:port/rest/access/users/userDefaults).

Also this: GET /statistics/memoryinfo (https://server:port/rest/catalog/statistics/memoryinfo).

Error 404.

0 Likes
Knowledge Partner
Knowledge Partner

Re: REST error User Application 4.7.2 Is able to get access_token but not a successfull Rest API cal

Jump to solution

To clarify, have you been able to get a token from OAuth?  If not, enable logging to ALL on OSP.

/op/netiq/idm/apps/tomcat/bin/setenv.sh file in the last line look for the osp log param set to WARN probably and change to ALL for debugging (Put it back when done, super duper verbose).

See if that gives you any error messages.

0 Likes
Roger Hansson Valued Contributor.
Valued Contributor.

Re: REST error User Application 4.7.2 Is able to get access_token but not a successfull Rest API cal

Jump to solution

Embarrassing to say but I connected to my iManager server -not User Application.

I do get a error now and not a access token:

 

"Fault": 
"Value": "Sender",
"Subcode": 
"Value": "XDAS_OUT_ENTITY_NON_EXISTANT"
"Code":
 
"Reason": 
"Text": "Not found: auth"

 

0 Likes
Satz Respected Contributor.
Respected Contributor.

Re: REST error User Application 4.7.2 Is able to get access_token but not a successfull Rest API cal

Jump to solution

I think you are missing IDMProv in your URL. 

Can you try as like below..

https://Server:Port/IDMProv/rest/access/info/version

0 Likes
Roger Hansson Valued Contributor.
Valued Contributor.

Re: REST error User Application 4.7.2 Is able to get access_token but not a successfull Rest API cal

Jump to solution

Thank you for clarifying that.

I don't get a access token now when I connect to the running UA server (and not a server where we tried to install UA but with no succeess, except osp)

Error now:

error.jpgpost.jpg
0 Likes
Roger Hansson Valued Contributor.
Valued Contributor.

Re: REST error User Application 4.7.2 Is able to get access_token but not a successfull Rest API cal

Jump to solution

No REST access-token (see previous message for error message) but web login works.

In catalina.out I get some errors after login:

One is this: No external item found with id:cn=HomeMyHistory,cn=NavItems,cn=UIConfig,cn=AppConfig,cn=User Application Driver,No external item found with id:cn=HomeMyHistory,cn=NavItems,cn=UIConfig,cn=AppConfig,cn=User Application Driver,cn=Driver Set,o=servercn=Driver Set,o=server

I have specified UA Driver and not User Application Driver in Configupdate.sh. Where is this "User Application Driver" coming from?

Log is attached

0 Likes
Roger Hansson Valued Contributor.
Valued Contributor.

Re: REST error User Application 4.7.2 Is able to get access_token but not a successfull Rest API cal

Jump to solution

This is from log file idapps.out when I get "unauthorized_client" , "Profile Resource Owner Credentials not supported for client "rbpm"",

Any ideas?

Preamble: [OSP]
Priority Level: FINER
Java: internal.osp.common.logging.HttpRequestLogger.log() [340] thread=https-jsse-nio-8543-exec-3
Time: 2019-08-23T15:49:17.716+0200
Log Data: HttpServletRequest (Number 1)
Method: POST
Request URL: /osp/a/idm/auth/oauth2/grant

Preamble: [OIDP]
Priority Level: FINER
Java: internal.osp.oidp.service.oauth2.handler.Grant.getCommand() [204] thread=https-jsse-nio-8543-exec-3
Time: 2019-08-23T15:49:17.727+0200
Elapsed time: 55.972 microseconds
Log Data: Parse OAuth 2.0 response_type or grant_type:
grant_type: password
Maps to: Resource Owner Password Credentials Grant profile

Preamble: [OIDP]
Priority Level: FINER
Java: internal.osp.oidp.service.session.NIDPSession.() [344] thread=https-jsse-nio-8543-exec-3
Time: 2019-08-23T15:49:17.739+0200
Elapsed time: 1.489 milliseconds
Log Data: Creating new session:
Identifier: cd1716c0c5ac11e9a0e20050569ef062-543d3039793521203c-CX

Preamble: [OIDP]
Priority Level: FINER
Java: internal.osp.oidp.service.cluster.ClusterCookieContext.resolveSession() [147] thread=https-jsse-nio-8543-exec-3
Time: 2019-08-23T15:49:17.732+0200
Elapsed time: 8.643 milliseconds
Log Data: Session will be created because the request is not a user request and no cookie accompanied the request.

Preamble: [OIDP]
Priority Level: FINER
Java: internal.osp.oidp.service.session.NIDPSession.getSessionData() [811] thread=https-jsse-nio-8543-exec-3
Time: 2019-08-23T15:49:17.744+0200
Elapsed time: 2.396 milliseconds
Log Data: Get session data based on request:
Creating new session data; id: 0

Preamble: [OIDP]
Priority Level: INFO
Java: internal.osp.oidp.service.oauth2.handler.TokenRequestHandlerBase.auditTokenCreation() [392] thread=https-jsse-nio-8543-exec-3
Time: 2019-08-23T15:49:17.759+0200
Log Data: IssueOAuthToken

Preamble: [OIDP]
Priority Level: FINER
Java: internal.osp.framework.UIResponder$Response.setResponse() [1464] thread=https-jsse-nio-8543-exec-3
Time: 2019-08-23T15:49:17.760+0200
Elapsed time: 6.323 milliseconds
Log Data: Set response:
JSON content.

Preamble: [OSP]
Priority Level: FINER
Java: internal.osp.common.logging.HttpResponseLogger.log() [138] thread=https-jsse-nio-8543-exec-3
Time: 2019-08-23T15:49:17.771+0200
Log Data: HttpServletResponse (Number 1)
Duration (seconds): 0.60

 

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.