From 04:00 PM CDT – 08:00 PM CDT (09:00 PM UTC – 01:00 AM UTC) Tuesday, April 16, ni.com will undergo system upgrades that may result in temporary service interruption.

We appreciate your patience as we improve our online experience.

SystemLink Forum

cancel
Showing results for 
Search instead for 
Did you mean: 

HTTP request not authorized if not logged on server

Hi all,

I am using SystemLink HTTP  API and a homemade Web application hosted on Systemlink server. The problem is that my request are only authorized when I'm logged in the server. I tried http://username:password@hostname.com/requestUrl but it didn't work, could you help me with that please.

0 Kudos
Message 1 of 3
(1,740 Views)

Hello Nandi,

 

Have you tried interfacing with the auth service in the NIAPIs?

http://yourserverORlocalhost/niapis

 

Try using this interface to test what works for you.

 

One option is to create apikeys that are static or session based then when the client opens a connection with this key is used to allow the connection.  Once the session is authenticated, you can call the apis as you normally would because your session/connection has been authenticated. 

 

There is a whitelist session which I assume means via a policy you can make certain items available via a session token.  (have not done this)

 

The authorize button in swagger in the upper right that allows you to test the interface with a specific apikey.

 

I just tried the auth service/auth command...  I put an invalid key in the x-ni-api-key and tried to run the get auth command...

get the 

<title>401 Unauthorized</title>

So to create a new key via /auth you need

- workspaceID and policyID

 

workspaceID is found in the user service. 

policyID is in the auth service via /policies.  It will return all the resources.  Find the resource you want to assign to the key.

 

create the key by passing these values in:

{
  "name": "keyName",
  "policyIds": [
    "XXXXXXXX-XXXX-XXXXX-YYYY-ZZZZZZZZZZZ"
  ],
  "defaultWorkspace": "XXXXXXXX-XXXX-XXXXX-YYYY-ZZZZZZZZZZZ",
  "properties": {
    "key1": "value1"
  }
}

Should return 

 

{
  "created": "2021-05-12T00:59:21.234Z",
  "defaultWorkspace": "XXXXXXXX-XXXX-XXXXX-YYYY-ZZZZZZZZZZZ",
  "deleted": false,
  "enabled": true,
  "expiry": "9999-12-31T23:59:59Z",
  "id": "XXXXXXXX-XXXX-XXXXX-YYYY-ZZZZZZZZZZZ",
  "name": "string",
  "policies": [
    {
      "builtIn": false,
      "created": "2021-04-01T19:43:12.499Z",
      "deleted": false,
      "id": "XXXXXXXX-XXXX-XXXXX-YYYY-ZZZZZZZZZZZ",
      "name": "minion_PCNAME--SN-XXXX--MAC-ADDRESS-XXXXXXXX-XXXX-XXXXX-YYYY-ZZZZZZZZZZZ",
      "properties": {},
      "templateId": "XXXXXXXX-XXXX-XXXXX-YYYY-ZZZZZZZZZZZ",
      "type": "role",
      "updated": "2021-04-01T19:43:12.499Z",
      "userId": "XXXXXXXX-XXXX-XXXXX-YYYY-ZZZZZZZZZZZ",
      "workspace": "XXXXXXXX-XXXX-XXXXX-YYYY-ZZZZZZZZZZZ"
    }
  ],
  "properties": {
    "key1": "value1"
  },
  "updated": "2021-05-12T00:59:21.234Z",
  "userId": "XXXXXXXX-XXXX-XXXXX-YYYY-ZZZZZZZZZZZ",
  "secret": "TOKEN"

 

Now if you plug the secret token into authorize x-ni-api-key,  now I can invoke the /auth ok.   I am sure there are many ways to do this in more abstracted clever way but for me I am learning the mechanics.

 

putting the curl command here too:

curl -X GET "http://SLSVR/niauth/v1/auth" -H "accept: application/json" -H "x-ni-api-key: TOKEN"

 

Also, some services just require a session token.   So you need to fetch the token first and pass that with the request for the request to be processed.  

 

0 Kudos
Message 2 of 3
(1,690 Views)

Sorry for the late answer. 

I do use the NIAPIS service, I'm still learning about it and HTTP (I'm a newbie at web developpement).

Anyway, I actually  passed my encoded username and password to 'Authorization': in my headers request. Thank you for your solution

0 Kudos
Message 3 of 3
(1,601 Views)