Thread Details
  • State Not Answered
  • Replies 2 replies
  • Subscribers 354 subscribers
  • Views 910 views
  • Users 0 members are here
Forum Actions
Related

Why does request to REST API return `need_login` when I have a valid access token

Rich Field

I can successfully request an access token with the following request

https://{{SUGAR_HOST}}/rest/v{{SUGAR_API_VERSION}}/oauth2/token

{
"grant_type": "password",
"client_id": "sugar",
"client_secret": "",
"username": "{{SUGAR_USER}}",
"password": "{{SUGAR_PWD}}",
"platform": "base"
}

Aside: the documentation says to use something other than base|moblie|portal but when I do this request fails with error:

{
"error": "invalid_parameter",
"error_message": "Invalid platform specified."
}

I then use the access token returned by the above request to call an endpoint (passing the token as a Bearer token)

https://{{SUGAR_HOST}}/rest/v{{SUGAR_API_VERSION}}/JOB_Jobs

This fails with the error:

{
"error": "need_login",
"error_message": "No valid authentication for user."
}

Why does the access token not allow me, err, access?

V 11_20

  • 0

    1st: You can use base, mobile and all the other pre defined platforms (see admin - integration platforms) but when you use base for the integration you will be cicked out of the desktop application every time you login with the API.

    If you want to define a own platform, you can do that in admin - integration platforms.

    2nd: After you logged in you get the token in the result like this:

    {
        "access_token""fc38f14b-2419-4f2d-8d2d-3b7961c14461",
        "expires_in"3600,
        "token_type""bearer",
        "scope"null,
        "refresh_token""6320493e-27b5-4439-8f55-41cd3867683d",
        "refresh_expires_in"1209599,
        "download_token""71f34b49-67cd-4918-a662-779fab32d9fe"
    }
    For all following API calls you must add the access_token to the header of your API call, e.g.
    curl --location 'server/.../ProductTemplates' \
--header 'OAuth-Token: fc38f14b-2419-4f2d-8d2d-3b7961c14461'
    or in C#:
    var options = new RestClientOptions("">http://server")
{
  MaxTimeout = -1,
};
var client = new RestClient(options);
var request = new RestRequest("/sugardev1300/rest/v10/ProductTemplates", Method.Get);
request.AddHeader("OAuth-Token", "fc38f14b-2419-4f2d-8d2d-3b7961c14461");
RestResponse response = await client.ExecuteAsync(request);
Console.WriteLine(response.Content);
  • 0 in reply to Harald Kuske

    Thanks Harald, `OAuth-Token` was the piece I was missing