SystemLink

cancel
Showing results for 
Search instead for 
Did you mean: 

HTTP request not authorized if not logged on server

Hi all,

I am using SystemLink HTTP  API and a homemade Web application hosted on Systemlink server. The problem is that my request are only authorized when I'm logged in the server. I tried http://username:password@hostname.com/requestUrl but it didn't work, could you help me with that please.

0 Kudos
Message 1 of 3
(636 Views)

Hello Nandi,

 

Have you tried interfacing with the auth service in the NIAPIs?

http://yourserverORlocalhost/niapis

 

Try using this interface to test what works for you.

 

One option is to create apikeys that are static or session based then when the client opens a connection with this key is used to allow the connection.  Once the session is authenticated, you can call the apis as you normally would because your session/connection has been authenticated. 

 

There is a whitelist session which I assume means via a policy you can make certain items available via a session token.  (have not done this)

 

The authorize button in swagger in the upper right that allows you to test the interface with a specific apikey.

 

I just tried the auth service/auth command...  I put an invalid key in the x-ni-api-key and tried to run the get auth command...

get the 

<title>401 Unauthorized</title>

So to create a new key via /auth you need

- workspaceID and policyID

 

workspaceID is found in the user service. 

policyID is in the auth service via /policies.  It will return all the resources.  Find the resource you want to assign to the key.

 

create the key by passing these values in:

{
  "name": "keyName",
  "policyIds": [
    "XXXXXXXX-XXXX-XXXXX-YYYY-ZZZZZZZZZZZ"
  ],
  "defaultWorkspace": "XXXXXXXX-XXXX-XXXXX-YYYY-ZZZZZZZZZZZ",
  "properties": {
    "key1": "value1"
  }
}

Should return 

 

{
  "created": "2021-05-12T00:59:21.234Z",
  "defaultWorkspace": "XXXXXXXX-XXXX-XXXXX-YYYY-ZZZZZZZZZZZ",
  "deleted": false,
  "enabled": true,
  "expiry": "9999-12-31T23:59:59Z",
  "id": "XXXXXXXX-XXXX-XXXXX-YYYY-ZZZZZZZZZZZ",
  "name": "string",
  "policies": [
    {
      "builtIn": false,
      "created": "2021-04-01T19:43:12.499Z",
      "deleted": false,
      "id": "XXXXXXXX-XXXX-XXXXX-YYYY-ZZZZZZZZZZZ",
      "name": "minion_PCNAME--SN-XXXX--MAC-ADDRESS-XXXXXXXX-XXXX-XXXXX-YYYY-ZZZZZZZZZZZ",
      "properties": {},
      "templateId": "XXXXXXXX-XXXX-XXXXX-YYYY-ZZZZZZZZZZZ",
      "type": "role",
      "updated": "2021-04-01T19:43:12.499Z",
      "userId": "XXXXXXXX-XXXX-XXXXX-YYYY-ZZZZZZZZZZZ",
      "workspace": "XXXXXXXX-XXXX-XXXXX-YYYY-ZZZZZZZZZZZ"
    }
  ],
  "properties": {
    "key1": "value1"
  },
  "updated": "2021-05-12T00:59:21.234Z",
  "userId": "XXXXXXXX-XXXX-XXXXX-YYYY-ZZZZZZZZZZZ",
  "secret": "TOKEN"

 

Now if you plug the secret token into authorize x-ni-api-key,  now I can invoke the /auth ok.   I am sure there are many ways to do this in more abstracted clever way but for me I am learning the mechanics.

 

putting the curl command here too:

curl -X GET "http://SLSVR/niauth/v1/auth" -H "accept: application/json" -H "x-ni-api-key: TOKEN"

 

Also, some services just require a session token.   So you need to fetch the token first and pass that with the request for the request to be processed.  

 

0 Kudos
Message 2 of 3
(586 Views)

Sorry for the late answer. 

I do use the NIAPIS service, I'm still learning about it and HTTP (I'm a newbie at web developpement).

Anyway, I actually  passed my encoded username and password to 'Authorization': in my headers request. Thank you for your solution

0 Kudos
Message 3 of 3
(497 Views)