Project

General

Profile

Get token => unauthorized access

Added by Bert Clybouw 4 months ago

When I try to receive a token from the api. I get the message 'Unauthorized access'.
I use Xivo (Wazo) 15.14. I added a user in the 'Web Services Access' page.

This is my code:

$url_post = self::$host . "/0.1/token";
        $headers_post = array(
            'Accept: application/json',
            'Content-Type: application/json'
        );
        $init_token = curl_init();
        curl_setopt_array($init_token, array(
            CURLOPT_POST => 1,
            CURLOPT_URL => $url_post,
            CURLOPT_PORT => '9497',
            CURLOPT_HTTPHEADER => $headers_post,
            CURLOPT_RETURNTRANSFER => true,
            CURLOPT_SSL_VERIFYPEER => false,
            CURLOPT_USERPWD => 'my-username:my-password',
            CURLOPT_SSL_VERIFYHOST => false,
            CURLOPT_POSTFIELDS => json_encode(array(
                'backend' => 'xivo_user',
                'expiration' => 3600
            ))
        ));
        $response = curl_exec($init_token);

What could be wrong?


Replies (5)

RE: Get token => unauthorized access - Added by Pascal Cadotte-Michaud 4 months ago

Hi Bert,

the "xivo_user" backend is used for "regular" telephony users.

If you are trying to use the "root" user or another user create in the configuration tab of the web interface you should use the "xivo_admin" backend and if you are using a web service you should use the "xivo_service" backend.

RE: Get token => unauthorized access - Added by Bert Clybouw 4 months ago

Hi Pascal,

I tried both, but still get 'unauthorized access'.
Anything else that could cause this?

RE: Get token => unauthorized access - Added by Bert Clybouw 4 months ago

Hi Pascal,

I saw with the /backens function that only xivo_user is enabled. I don't know how to enable xivo_service. But for the convenience, we will first install an upgrade of Wazo. Then it should be enabled by default.
thanks

RE: Get token => unauthorized access - Added by Bert Clybouw 3 months ago

Hi Pascal,

Upgraded to version 18.03. I can now get a token with backend 'xivo_admin'.
But, when I try to use the token (/0.1/users) I receive 'Unauthorized Access'.

{
  "timestamp": 1529927005.213066,
  "message": "Unauthorized",
  "error_id": "unauthorized",
  "details": {
    "invalid_token": "3541fd8f-093b-4c00-b54a-c19XXXXXXX" 
  }
}

Is this because of a setting?

RE: Get token => unauthorized access - Added by Pascal Cadotte-Michaud 3 months ago

Hi Bert,

Each routes has an Required ACL that has to be satisfied to be able to complete the query.

/0.1/users requires auth.users.read. You can view all the required ACL by looking at the API doc on your Wazo http://<wazo ip>/api each route has a "Required ACL" section in its description.

To view the ACL that are available with you current token you can GET your token /0.1/token/3541fd8f-093b-4c00-b54a-c19XXXXXXX for example.

    (1-5/5)