I'm trying to start using the REST API but I am seemingly unable to get my requests authorized. I've tried generating my JWT in a couple different ways and both paths lead to an Unauthorized error message when running a GET request.
I've set up a new client connection for the REST API following the instructions found here:
After setting up the client connection, I'm trying a GET request in Postman to generate the token and I have gone into the Authorization tab and filled out Auth URL, Access Token URL, Client ID, and Client Secret, I've set the scope to evolution and the Grant Type is set to Authorization Code. When I click the Get New Access Token button, I'm met with the below error. From what I understand, this is meant to take me to a login page where I can put in the credentials to use to authenticate but it fails.
I've also tried generating a token via a POST request where I'm entering in the above keys as well as a username and password for an account that has API access and while I am able to get a code from that request, when I run a GET request with that code to pull some information, it throws a 401 error that states "Authentication credentials are missing or invalid." I've tried using my own admin account as well as the MANAGER account and both are denied access. What am I doing wrong here?
Best Regards,
Ian Sasser
Hi
The first place to start is to review the logged messages under the Hyland.Identity.Provider profile in Hyland Diagnostics. You should see a message under with a LogLevel of Error. You'll see something like the following ...
The error message should provide more context about the problem.
Best wishes.
The token request is a POST, that is why your second approach works and returns the token.
What specific API endpoint call are you trying to use?
Is there any more information being presented in the Diagnostic Console?
I like using PostMan to test as well.
Here are a few screenshots from my dev system...
Note: This is an older screenshot. As I have become more experienced with PostMAN, I have learned that you can use the Authorization tab (instead of the Body: x-www-form-urlencoded) with OAuth2 and Configure a New Token to run your API Call in a single step.
success:
Configuring a GET to the API Server (Document API) for a document by docID (aka Doc Handle or ItemNum)
This one has no other requirements...just include the ID in the endpoint
There are some API Calls that do require the body include some required JSON.
For example, the Reset User Password(Admin API) will give a bad call if you forget to send the payload.
{ "password": "passw0rd", "forcePasswordChangeOnNextLogin": true}Question 1: What specific API endpoint call are you trying to use?
Below is the endpoint I am trying to use.
I've also tried this endpoint:
Question 2: Is there any more information being presented in the Diagnostic Console?
Yes there is. Below is the log message:
What source parameter is it referring to here?
Something else I've noticed about my new client connection is that I don't have redirect URLs for this one where as the others do. How can I determine which redirect URLs I need? Or do I need them at all? I've read in other forum posts that if you are using a Client Secret, which I am, you won't need the redirects.
