I am getting a 403 response from the Power BI rest API and I am not sure why.
Here is the request I am making in cURL format(my actual web app is in Java):
curl -X GET -H "Authorization: Bearer accessToken" -H "Cache-Control: no-cache" 'https://api.powerbi.com/beta/myorg/dashboards'
I have given all Power BI Service permissions on my app in the azure management portal.
Do I need to replace 'myorg' with an actual org name? If so where would I find my org name? What am I doing wrong? This request seems to work for me in Aipary.io so I think it has something to do with my app not the request.
I have tried this request with both an admin account and a regular user and I get 403 responses for both of them.
I have also tried removing the Power BI Service permissions from the app with my admin account and then adding them again. That didn't work.
It seems to be that the 403 response was caused by the request in cURL missing some required parameters. The 403 response should show the error information that might be ignore.
Per my experience, I recommand you can try to use the GUI tool Postman in Chrome for requesting the APIs like cURL.
For checking the issue, you can follow the toturial https://powerbi.microsoft.com/en-us/documentation/powerbi-developer-authenticate-a-web-app/ to make sure the request required parameters correct.
However, according to your description for the issue, I can't locate the problem whether the prepare steps cause. So I suggest you can try to review the complete toturial https://powerbi.microsoft.com/en-us/documentation/powerbi-developer-steps-to-create-a-power-bi-app/ to be sure the every step is correct.
Hope it helps. Any concern, please feel free to let me know.
Related
I have a Spring app that I secured with Keycloak. I can access it with a terminal using the following command curl -X GET http://localhost:9089/my-service/mypage -H 'Authorization: Bearer +access_token'. Its is a bearer-only type of security.
I followed this tutorial (I had a hard time with french but still I figured it out) https://blog.ineat-conseil.fr/2017/11/securisez-vos-apis-spring-avec-keycloak-2-parametrage-dun-domaine-keycloak/
As a result, I get the HTML code of the corresponding page, which makes me think that it works.
However, when I try to type the link http://localhost:9089/my-service/mypagein my browser, it displays a 401 Unauthorized error. I'm using a #Controller and not a #RestController, even though I'm not sure that makes any significant difference in this case.
It's nice that it works with the terminal, but I can't really use my app with it.
My question is how can I overcome that 401 error so I can actually access my front interface from my browser ?
I wrote a context.io 2.0 java client for : accounts,discovery, threads and messages operations to be used in my project (based on the available ContextIO Java client).
My code is at : https://github.com/dileepajayakody/isis-reputationbox/blob/master/reputationbox/dom/src/main/java/at/tomtasche/contextio/ContextIO_V20.java
While testing it, when I invoke the accounts request: https://api.context.io/2.0/accounts and discovery requests (eg: https://api.context.io/2.0/discovery?email=testemail#gmail.com&source_type=IMAP, I successfully get the desired response with a HTTP 200
However when I invoke the messages, threads, contacts requests by adding the account_id parameter in the request URL (eg : https://api.context.io/2.0/accounts/1234ff425ad/messages) I get an empty JSON array with a HTTP 403 Forbidden response.
When I try out the same request in the contextio developer console, I get the response without a problem.
I don't think it's something wrong with the way I sign the oauth request since it's the same way I sign for accounts and discovery requests for which I get the contextIO response properly.
Any help in resolving this error is much appreciated.
Thanks,
Dileepa
I don't think the issue is related to oauth request signing, since we normally return 401 or 404 messages for errors there.
The fact there's no body content with the 403 response leads me to believe your api_key does not own the account specified. If it did own it then we would include a json array with type, code, value parameters to help debug the issue. If you have two developer accounts then you may just be using the wrong one for this test.
I hope this helps. If not, please feel free to contact us at support#context.io.
Thanks!
Dan
I am trying to get the refresh token from Google in order to access Google drive. So Far I have managed to create a page in google app engine which redirects me to authentication page and I am able to get the code. The url address for getting there is
Window.Location.assign("https://accounts.google.com/o/oauth2/auth?scope=profile&redirect_uri=http://127.0.0.1:8888/oauth2manager/redirect&response_type=code&client_id=1058171155388-hg2akr2idan7c2kvdam9b89vptcjai8i.apps.googleusercontent.com");
I then get redirected to the /oauth2manager/redirect servlet and get the code inside the doPost method
String code = request.getParameter("code");
My problem is that I cannot proceed as I constantly get the above error "Required parameter is missing: grant_type" I have tried restclient wiztools, RestEasy firefox extension even curl.
here is my Curl script
#!/bin/bash
$code= "4/E7i1aKu4C-Pf23-8hY4Y8OBe9IBZ.wtKglnd8-CMdOl05ti8ZT3aNPWw7igI";
curl -v --data "code="+$code+"&client_id=1058171155388-hg2akr2idan7c2kvdam9b89vptcjai8i#developer.gserviceaccount.com&client_secret=JHXTAT4UWwsNaMgm******&redirect_uri= http://127.0.0.1:8888/oauth2manager/redirect&grant_type=authorization_code" https://accounts.google.com/o/oauth2/token
How can this be solved? I am a total newbie at this.
I think your mixing Oauth types. The code you are using is for normal Oauth2. But your clientid is for a service account.
Normal Oauth2 will ask a user if they want to allow your access to their data. A service account is for allowing others access to the application's data, there is no permission request with a service account.
Link to the documentation for service accounts. Service account
I am getting FileNotFoundException when making GET call to REST API. Here HTTP status code I get is 403.
For POST call I get IOException : No authentication challenges found, whereas I pass Authorization header. Here I get HTTP status code 401.
Look at my already asked question to see the code and logcat screen shot for POST call.
Below I am attaching logcat screen shot for GET call :
Note :
1) I have tried using Authenticator.
2) Tried different base64 flags such as NO_WRAP, URL_SAFE, DEFAULT.
3) My simple call to www.google.com works.
4) When I log urlConnection.getErrorStream(), last line in image is printed. I don't understand what is that and what does it mean. I have specified Content-type to application/json in header.
UPDATE : I tried using Burp and found that headers "Accept", "Content-type" were different. I used the same as in iOS app. But still it does not work.
Things to note :
1) It always throws an Exception on the line in = urlConnection.getInputStream();.
2) I logged few things and according to it, content-length is 114, which is not null. content-type is application/json; charser=utf-8.
There's a difference between your HTTP traffic for iOS and for Android. This is guaranteed, otherwise you'd get identical behaviour from the server. The difference is probably in HTTP header(s) &/or parameter(s).
This is very difficult to debug remotely via SO Q&A - E.g. we don't know what headers & parameters your iOS client is successfully using nor how your server is configured & programmed.
How to diagnose the problem & correct yourself:
Trace your working HTTP traffic: iOS client <-> server
Trace your non-working HTTP traffic: Android client <-> server
Compare (2) and (3). For the most thorough comparison, save each HTTP request and response message as a separate file for (2) and (3), then diff the corresponding files.
Recommended HTTP tracing tools:
Fiddler2 (windows only) See also Documentation
Burp (JVM-based: windows, linux, OSX, etc) See also Getting Started
WebScarab (JVM-based: windows, linux, OSX, etc) See also Getting Started
UPDATE
Seems you have the same problem for both GET and POST: the server is configured for BASIC authentication, but the client is not following the authentication protocol correctly. I think it just shows as a slightly different sympton in the two cases: for GET it says 'resource not found' (because you're not authenticated) and for POST the resource is given by you, but the server says you're not authorized to change the resource on the server. I suggest you've done enough (good!) debugging of request contents and now you should stop and focus on getting authentication working.
Send you GET/POST request to the server without Authorization header
Allow the server to prompt you for authentication with a 401 response with an WWW-Authenticate header containing a challenge string (e.g. WWW-Authenticate: Basic realm="Protected" see RFC 2617 HTTP Basic Authentication and Digest Authentication)
Now send an additional GET request to server that (either without/with the original request contents), but includes the Authentication header, with Base 64 encoded username:password (Authorization: Basic ZnJhbms6ZmllZGxlcg==)
I solved my problem and it is something I never tried to focus on while solving the problem.
I need not pass Authorization header. The thing is that there are 2 credentials come into the picture. one is server's authorization and second is credentials for login API. In my app, user creates an account and login to it. To authenticate the user I pass credentials to server and server authenticate it.
So when user enters correct credentials then response received is correct. And, in case of wrong credentials, my server passes a error message You are not authorized person, which I want to display to user(as in my iOS app). So the problem is here that HTTP status code (in case of wrong credentals) is 401 and that is why I don't receive the message sent by the server (and receive No authentication challenges found message).
The reason why I don't receive server message is that HttpUrlConnection don't give server response when HTTP status code is >= 400.
The only option to get error details in case status code 400 and above is to use getErrorStream() method and using that I was receiving No authentication challenges found message.
Finally, either I had to handle each status code, that is equal and above 400, at client side or I can use HttpClient, instead of HttpUrlConnection. And now I am moving to HttpClient.
I had a similar problem, and solved by passing the authenticated session cookie. Not sure if that is possible in your situation.
AuthUser="foobar"
AuthPass="password"
URL targetUrl = new URL("http://www.google.com/");
HttpURLConnection connection = (HttpURLConnection) targetUrl.openConnection();
connection.setRequestMethod("GET");
connection.setDoInput(true);
String authStr = Base64Variants.MIME_NO_LINEFEEDS.encode((AuthUser+":"+AuthPass).getBytes());
connection.addRequestProperty("Authorization", "Basic "+authStr);
InputStream inputStream= connection.getInputStream();
I just run something like this and it worked perfectly for me. Just make sure you use Base64Variants.MIME_NO_LINEFEEDS and you should be able to create a proper authentication header. If that doesn't work, then you might have some problem on the server side.
I'm really new to APIs and POST or PUT or DELETE. I'm also new to running APIs using POST or other.
I have given a document which says
Function :- Add new Item
URI :- qtp/qtps
ACTION :- POST
REQUEST :- <n1:qtp xmlns:n1="http://www.mac.com/qts/xml/ns/qtm/qtpManagement"><name>rosa qtp 3</name><ipAddress>171.68.121.232</ipAddress><macAddress>10:0t:24:03:r7:57</macAddress><description>this is rosa qtp </description></n1:qtp>
I have absolutely no idea how to proceed further, But I know that by executing the request I need to Add a new Item in the application server, I tried something with browser myself but it did not work.
Can someone show me how can I work with this or explain me more about this or at-least give me a clue
One of the most useful tools for testing and debugging HTTP requests, in my experience, is cURL (http://curl.haxx.se/).
cURL is actually the under-the-hood library used for HTTP requests by a majority of PHP apps; the command-line version lets you do virtually anything that HTTP can do, and get great debugging data.
In the scenario you describe above, after downloading and installing cURL you'd likely use a command like:
curl --header "Content-Type: application/xml" --data '<XML YOU WANT TO SEND>' -X POST <URL TO WHICH DATA SHOULD BE SENT>
It's not clear from your question what the destination host+url is, but using the specific sample data you provide this would probably look like:
curl --header "Content-Type: application/xml" --data '<n1:qtp xmlns:n1="http://www.mac.com/qts/xml/ns/qtm/qtpManagement"><name>rosa qtp 3</name><ipAddress>171.68.121.232</ipAddress><macAddress>10:0t:24:03:r7:57</macAddress><description>this is rosa qtp </description></n1:qtp>' -X POST http://www.mac.com/qtp/qtps
Install a firebug plugin for that. You can use SOA client.