Solved

REST API: Authentication

  • 26 January 2021
  • 8 replies
  • 2034 views

Userlevel 2
Badge +4

Hi guys!

 

I’m completely new to REST API.

I just downloaded the Postman CommVault Rest API Workspace and now I’m trying to start with the basic: authentication. But let’s get one step back to the Swagger UI. Just to exclude any wrong configuration inside Postman. 

I created a new test user inside the CommCell. This user is member of “master” group, so permissions should not be a problem. If I visit the Swagger UI (https://<webserver>/webconsole/sandbox/apiexplorer) and try the POST Login with this test user I get the message: errLogMessage": "Username/Password are incorrect"

Well I’m pretty sure the username and the password is correct. I also tried to encode the password with Base64, but get the same error message. Other users also didn’t work. 

Also I can see a “Authorize” button on the top right corner. When I click on this button I can provide a Authtoken. But where I get this from?

 

Obviously I’m doing something wrong here. Please tell me what. :rolling_eyes:

icon

Best answer by MFasulo 26 January 2021, 15:07

View original

8 replies

Userlevel 7
Badge +15

Hi Dimitri

Thanks for posting your question!

You can try the sandbox environment to get setup and check your headers and ensure the password is encoded as expected:

http://client.mydomain.com/webconsole/sandbox

https://documentation.commvault.com/commvault/v11_sp20/article?p=45545_1.htm

 

The first step is to Login, providing the credentials with POST Login:

https://documentation.commvault.com/commvault/v11_sp20/article?p=45578_2.htm

 

When successful, the response will contain the authtoken that you need to provide in your subsequent REST API calls.

The authtoken will timeout after 30 minutes of inactivity and you will need to re-login and obtain a new authtoken.

Please let me know if this helps or if you’re still having trouble.

Thanks,

Stuart

Userlevel 2
Badge +4

Hi Stuart,

thank you for the fast reply. This solves the question regarding the authtoken.

If I visit “http://client.mydomain.com/webconsole/sandbox” the page is loading and nothing more. (after SSO) - but “https://client.mydomain.com/webconsole/sandbox/apiexplorer” is working fine. Is there any special Role I have to install on the CommServ? (it’s also hosting the webconsole)

https://client.mydomain.com/webconsole/sandbox/apiexplorer” is the Swagger UI, which I mentioned above. Here I get the error message. 

Login
Response

 

I tried it with the username and password and also with the username and Base64 encoded password.

 

EDIT: After 20 minutes the sandbox website is visible. Wow. I’ll check it out now.

EDIT 2: When I use the username and the password inside the sandbox website I get a token. So why this is not working on the Swagger UI or in Postman?

Userlevel 6
Badge +12

@Dimitri 

In swagger, go to POST /Login  and put your password in Base64 and your user name.  See below.

 

 

Once that is done it will return the “token” in the response body:

 

 

Take the entire token and paste it into the “Authorize” button at the top of the swagger UI.  As you can see below the token starts with QSDK.   Click the authorized button and you should be able to run all the commands.  Let me know if you need any help.

 

 

Userlevel 2
Badge +4

Hi MFasulo,

thanks, I got the workflow! :-)

The problem I have is:

I’m doing exactly this and get the error message above. Username and Bas64 encoded password. The same is working inside the sandbox, I get the token. But it’s not working in the swagger UI.

 

 

Userlevel 6
Badge +12

Hi Stuart,

thank you for the fast reply. This solves the question regarding the authtoken.

If I visit “http://client.mydomain.com/webconsole/sandbox” the page is loading and nothing more. (after SSO) -

 

Check webconsole.log for any errors.  You should see something like “request path  : /sandbox/staticTree.jsp”  Look for messages around that line.

Userlevel 6
Badge +12

Hi MFasulo,

thanks, I got the workflow! :-)

The problem I have is:

I’m doing exactly this and get the error message above. Username and Bas64 encoded password. The same is working inside the sandbox, I get the token. But it’s not working in the swagger UI.

 

 

 

Just to be sure… if you take the base64 password from postman and plug it into swagger does it work?  Postman does that base64 conversion for you, so doublecheck the base64 conversion that you are using in swagger and the one you get from postman are the same (trust me, ive done that before, since I usually use some base64 conversion site)

 

 

Userlevel 2
Badge +4

Well, my fault… found the problem. I used WSL for encoding and this looks like the problem. Just encoded the same string with a online encoder and got a different encoded string. And this is working… shame on me! But idk why the WSL gives me a different value. (Used echo > ‘clearpassword’ | base64)

Alright, now I’m authorized with the token! Thanks guys!

Badge

Hi Dimitri

Thanks for posting your question!

You can try the sandbox environment to get setup and check your headers and ensure the password is encoded as expected:

http://client.mydomain.com/webconsole/sandbox

https://documentation.commvault.com/commvault/v11_sp20/article?p=45545_1.htm

 

The first step is to Login, providing the credentials with POST Login:

https://documentation.commvault.com/commvault/v11_sp20/article?p=45578_2.htm

 

When successful, the response will contain the authtoken that you need to provide in your subsequent REST API calls.

The authtoken will timeout after 30 minutes of inactivity and you will need to re-login and obtain a new authtoken.

Please let me know if this helps or if you’re still having trouble.

Thanks,

Stuart

Hi @Stuart Painter @Dimitri ,

 

Do you know how can I make the token last for let`s say 6 months or so? I`m trying to put together an automation for reporting and I don`t really want to pass the password in clear, even if it`s converted in base64. 

Reply