Options
  • State Suggested Answer
  • Replies 6 replies
  • Answers 2 answers
  • Subscribers 7 subscribers
  • Views 769 views
  • Users 0 members are here
Related

API Authentication Token Failing

Carter Naff

I'm attempting to use a third-party workflow tool to deposit some information into M-Files. I am attempting to get a valid authentication token and then simply return root vault items for testing.

I have this working in the postman collection. However, I'm getting varying results depending on what tool I am using.

I've replicated just the Auth Token request in my third-party application. It resolves and provides an authToken as expected. I tried passing the returned authToken manually into Postman to call the root items request. I continue to receive a 403 error when attempting to use tokens created by my workflow tool.

{
    "Status"403,
    "URL""/views/items",
    "Method""GET",
    "Exception": {
        "Name""UnauthorizedAccessException",
        "Message""Login to vault failed"
    },
    "Stack""Error reference ID: 4c4cebf7-8f1a-402d-b3ff-49f9339fb1d6",
    "Message""Login to vault failed",
    "IsLoggedToVault"false,
    "IsLoggedToApplication"true,
    "ExceptionName""UnauthorizedAccessException"
}

I'm wondering if this is an issue of where the request originates from as I've replicated this using PowerAutomate rather than the other third-party tool to generate my authToken. I was successful in generating a valid authentication token through PowerAutomate. I called the authtoken and manually inserted into postman and the subsequent calls returned as expected.

I believe there is another post where someone is attempting to use make.com for some automation and had similar outcomes. 

Why when passing the same headers and body from two different apps to M-Files do I get a token that works from one but not the other? I'm raising the same question to the third-party app.

Parents
  • 0
    {
        "Status"403,
        "URL""/views/items",
        "Method""GET",
        "Exception": {
            "Name""ForbiddenException",
            "Message""Token-based authentication failed.",
            "InnerException": {
                "Name""CryptographicException",
                "Message""Error occurred while decoding OAEP padding.",
                "StackText"""
            }
        },
        "Stack""",
        "Message""Token-based authentication failed.",
        "IsLoggedToVault"false,
        "IsLoggedToApplication"false,
        "ExceptionName""ForbiddenException"
    }
  • 0 in reply to Craig Hawker

    Still hitting a snag here. I passed in the cookies with the generated authToken and still getting a 403 error.

    -------------------------------------------------------------------
    Request:
    GET : x.cloudvault.m-files.com/.../items
    X-Authentication: [authToken]
    Content-Type: application/json
    Cookie: ASP.NET_SessionId=3nauruocgtht1qqvgh1chlh0;mfilesmsm=b1c0037a81bc2237
    -------------------------------------------------------------------
    Response:
    403 Forbidden
    Cache-Control:private
    Date:Tue, 27 Feb 2024 21:32:53 GMT
    Strict-Transport-Security:max-age=31536000; includeSubDomains;
    X-Content-Type-Options:nosniff
    X-Frame-Options:SAMEORIGIN
    X-XSS-Protection:1; mode=block
    Content-Length:335
    Content-Type:application/json; charset=utf-8

    {"Status":403,"URL":"/views/items","Method":"GET","Exception":{"Name":"UnauthorizedAccessException","Message":"Login to vault failed"},"Stack":"Error reference ID: b7faab5e-86fb-41d3-817f-97509086f914","Message":"Login to vault failed","IsLoggedToVault":false,"IsLoggedToApplication":true,"ExceptionName":"UnauthorizedAccessException"}
    -------------------------------------------------------------------
    Call failed for: x.cloudvault.m-files.com/.../items with Forbidden code. Error: {"Status":403,"URL":"/views/items","Method":"GET","Exception":{"Name":"UnauthorizedAccessException","Message":"Login to vault failed"},"Stack":"Error reference ID: b7faab5e-86fb-41d3-817f-97509086f914","Message":"Login to vault failed","IsLoggedToVault":false,"IsLoggedToApplication":true,"ExceptionName":"UnauthorizedAccessException"}

Reply
  • 0 in reply to Craig Hawker

    Still hitting a snag here. I passed in the cookies with the generated authToken and still getting a 403 error.

    -------------------------------------------------------------------
    Request:
    GET : x.cloudvault.m-files.com/.../items
    X-Authentication: [authToken]
    Content-Type: application/json
    Cookie: ASP.NET_SessionId=3nauruocgtht1qqvgh1chlh0;mfilesmsm=b1c0037a81bc2237
    -------------------------------------------------------------------
    Response:
    403 Forbidden
    Cache-Control:private
    Date:Tue, 27 Feb 2024 21:32:53 GMT
    Strict-Transport-Security:max-age=31536000; includeSubDomains;
    X-Content-Type-Options:nosniff
    X-Frame-Options:SAMEORIGIN
    X-XSS-Protection:1; mode=block
    Content-Length:335
    Content-Type:application/json; charset=utf-8

    {"Status":403,"URL":"/views/items","Method":"GET","Exception":{"Name":"UnauthorizedAccessException","Message":"Login to vault failed"},"Stack":"Error reference ID: b7faab5e-86fb-41d3-817f-97509086f914","Message":"Login to vault failed","IsLoggedToVault":false,"IsLoggedToApplication":true,"ExceptionName":"UnauthorizedAccessException"}
    -------------------------------------------------------------------
    Call failed for: x.cloudvault.m-files.com/.../items with Forbidden code. Error: {"Status":403,"URL":"/views/items","Method":"GET","Exception":{"Name":"UnauthorizedAccessException","Message":"Login to vault failed"},"Stack":"Error reference ID: b7faab5e-86fb-41d3-817f-97509086f914","Message":"Login to vault failed","IsLoggedToVault":false,"IsLoggedToApplication":true,"ExceptionName":"UnauthorizedAccessException"}

Children




              

© M-Files Corporation 2024 | Privacy Policy