REST authorization bearer token denied

jmarshall9120 · October 8, 2021, 2:54pm

After successfully receiving a bearer token, I still can’t query the API. Any help with trouble shooting would be great. Here is my workflow in HTTP: #Request POST https://192.168.1.10/_pxc_api/api/auth/auth-token content-type: application/json { "scope":"variables" } #Response HTTP/1.1 200 OK Server: nginx Date: Fri, 08 Oct 2021 14:37:03 GMT Content-Type: application/json Content-Length: 44 Connection: close Status: 200 OK read_time: 2021-10-08T14:37:03.996969Z end_time: 2021-10-08T14:37:03.997446Z Cache-Control: max-age=0, no-cache, no-store, must-revalidate Access-Control-Allow-Origin: * Access-Control-Allow-Credentials: true Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS X-debug-message: location _pxc_api { "code": "XccK0YxVm4lyq3uv", "expires_in": 600 } #Request POST https://192.168.1.10/_pxc_api/api/auth/access-token content-type: application/json { "code": "XccK0YxVm4lyq3uv", "grant_type": "authorization_code", "username": "admin", "password": "12345678" } #Response HTTP/1.1 200 OK Server: nginx Date: Fri, 08 Oct 2021 14:42:02 GMT Content-Type: application/json Content-Length: 84 Connection: close Status: 200 OK read_time: 2021-10-08T14:42:02.136994Z Set-Cookie: acctkey=26e221af9fc7fc58; Path=/_pxc_api/api/auth/access-token; Secure; HttpOnly end_time: 2021-10-08T14:42:02.167995Z Cache-Control: max-age=0, no-cache, no-store, must-revalidate Access-Control-Allow-Origin: * Access-Control-Allow-Credentials: true Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS X-debug-message: location _pxc_api { "token_type": "Bearer", "access_token": "22qSiGP7ZGp7u4jFATVK0jwiqDWOua79", "roles": [] } #Request POST https://192.168.1.10/_pxc_api/api/variables content-type: application/json authorization: Bearer 22qSiGP7ZGp7u4jFATVK0jwiqDWOua79 { "pathPrefix": "Arp.Plc.Eclr/", "paths": "Y0_BellSOL" } #Response HTTP/1.1 401 Unauthorized Server: nginx Date: Fri, 08 Oct 2021 14:45:22 GMT Content-Type: application/json Content-Length: 132 Connection: close Status: 401 Unauthorized WWW-Authenticate: Bearer realm="pxcapi", error="invalid_token" X-debug-message: location _pxc_api { "apiVersion": "1.6.0.0", "projectCRC": 2295408380, "error": { "code": 401, "details": [ { "domain": "authorization", "reason": "accessDenied" } ] } }

martin-plcnext · October 8, 2021, 3:14pm

I am sure you have seen the documentation on the REST interface in the Info Center: https://www.plcnext.help/te/Service_Components/REST_data_interface/REST_data_interface_Introduction.htm Here is a trace from a session that successfully reads and writes GDS variables - hopefully there’s some clues in there that might help with your problem. _get_auth_token https://192.168.178.156/_pxc_api/v1.2/auth/auth-token {"scope": "variables"} \--> {"code":"0e9ea61abcfc151b","expires_in":600} _get_auth_bearer https://192.168.178.156/_pxc_api/v1.2/auth/access-token b'{"code": "0e9ea61abcfc151b", "grant_type": "authorization_code", "username": "admin", "password": "1234567"}' \--> {"state":"0e9ea61abcfc151b","token_type":"Bearer","access_token":"2b3e46180e0335c0","roles":[]} _get_session_id https://192.168.178.156/_pxc_api/v1.2/sessions {'User-Agent': 'python-requests/2.25.1', 'Accept-Encoding': 'gzip, deflate', 'Accept': '*/*', 'Connection': 'keep-alive', 'Authorization': 'Bearer 2b3e46180e0335c0', 'Content-Length': '28'} stationID=Frank&timeout;=5000 \--> {"apiVersion":"1.4.0.0","projectCRC":1279771028,"userAuthenticationRequired":true,"sessionID":"s420819368","timeout":"5000"} read_variables https://192.168.178.156/_pxc_api/v1.2/variables?SessionID=s420819368&paths;=Arp.Plc.Eclr%2FMainInstance.Test_In_Variable%2CArp.Plc.Eclr%2FMainInstance.Test_In_Variable2 {'User-Agent': 'python-requests/2.25.1', 'Accept-Encoding': 'gzip, deflate', 'Accept': '*/*', 'Connection': 'keep-alive', 'Authorization': 'Bearer 2b3e46180e0335c0'} \--> {"apiVersion":"1.4.0.0","projectCRC":1279771028,"userAuthenticationRequired":true,"variables":[{"path":"Arp.Plc.Eclr/MainInstance.Test_In_Variable","value":true},{"path":"Arp.Plc.Eclr/MainInstance.Test_In_Variable2","value":true}]} {'Arp.Plc.Eclr/MainInstance.Test_In_Variable': True, 'Arp.Plc.Eclr/MainInstance.Test_In_Variable2': True} write_variables https://192.168.178.156/_pxc_api/v1.2/variables b'{"SessionID": "s420819368", "variables": [{"path": "Arp.Plc.Eclr/MainInstance.Test_Out_Variable", "value": "true", "valueType": "Constant"}, {"path": "Arp.Plc.Eclr/MainInstance.Test_Out_Variable2", "value": "true", "valueType": "Constant"}]}' \--> {"apiVersion":"1.4.0.0","projectCRC":1279771028,"userAuthenticationRequired":true,"variables":[{"path":"Arp.Plc.Eclr/MainInstance.Test_Out_Variable","value":true,"uri":"/_pxc_api/v1.2/variables/Arp.Plc.Eclr/MainInstance.Test_Out_Variable"},{"path":"Arp.Plc.Eclr/MainInstance.Test_Out_Variable2","value":true,"uri":"/_pxc_api/v1.2/variables/Arp.Plc.Eclr/MainInstance.Test_Out_Variable2"}]} {'Arp.Plc.Eclr/MainInstance.Test_Out_Variable': True, 'Arp.Plc.Eclr/MainInstance.Test_Out_Variable2': True}