API Authentication Token Failing

I'm attempting to use a third-party workflow tool to deposit some information into M-Files. I am attempting to get a valid authentication token and then simply return root vault items for testing.

I have this working in the postman collection. However, I'm getting varying results depending on what tool I am using.

I've replicated just the Auth Token request in my third-party application. It resolves and provides an authToken as expected. I tried passing the returned authToken manually into Postman to call the root items request. I continue to receive a 403 error when attempting to use tokens created by my workflow tool.

{
    "Status"403,
    "URL""/views/items",
    "Method""GET",
    "Exception": {
        "Name""UnauthorizedAccessException",
        "Message""Login to vault failed"
    },
    "Stack""Error reference ID: 4c4cebf7-8f1a-402d-b3ff-49f9339fb1d6",
    "Message""Login to vault failed",
    "IsLoggedToVault"false,
    "IsLoggedToApplication"true,
    "ExceptionName""UnauthorizedAccessException"
}

I'm wondering if this is an issue of where the request originates from as I've replicated this using PowerAutomate rather than the other third-party tool to generate my authToken. I was successful in generating a valid authentication token through PowerAutomate. I called the authtoken and manually inserted into postman and the subsequent calls returned as expected.

I believe there is another post where someone is attempting to use make.com for some automation and had similar outcomes. 

Why when passing the same headers and body from two different apps to M-Files do I get a token that works from one but not the other? I'm raising the same question to the third-party app.

Parents
  • {
        "Status"403,
        "URL""/views/items",
        "Method""GET",
        "Exception": {
            "Name""ForbiddenException",
            "Message""Token-based authentication failed.",
            "InnerException": {
                "Name""CryptographicException",
                "Message""Error occurred while decoding OAEP padding.",
                "StackText"""
            }
        },
        "Stack""",
        "Message""Token-based authentication failed.",
        "IsLoggedToVault"false,
        "IsLoggedToApplication"false,
        "ExceptionName""ForbiddenException"
    }
  • Still hitting a snag here. I passed in the cookies with the generated authToken and still getting a 403 error.

    -------------------------------------------------------------------
    Request:
    GET : x.cloudvault.m-files.com/.../items
    X-Authentication: [authToken]
    Content-Type: application/json
    Cookie: ASP.NET_SessionId=3nauruocgtht1qqvgh1chlh0;mfilesmsm=b1c0037a81bc2237
    -------------------------------------------------------------------
    Response:
    403 Forbidden
    Cache-Control:private
    Date:Tue, 27 Feb 2024 21:32:53 GMT
    Strict-Transport-Security:max-age=31536000; includeSubDomains;
    X-Content-Type-Options:nosniff
    X-Frame-Options:SAMEORIGIN
    X-XSS-Protection:1; mode=block
    Content-Length:335
    Content-Type:application/json; charset=utf-8

    {"Status":403,"URL":"/views/items","Method":"GET","Exception":{"Name":"UnauthorizedAccessException","Message":"Login to vault failed"},"Stack":"Error reference ID: b7faab5e-86fb-41d3-817f-97509086f914","Message":"Login to vault failed","IsLoggedToVault":false,"IsLoggedToApplication":true,"ExceptionName":"UnauthorizedAccessException"}
    -------------------------------------------------------------------
    Call failed for: x.cloudvault.m-files.com/.../items with Forbidden code. Error: {"Status":403,"URL":"/views/items","Method":"GET","Exception":{"Name":"UnauthorizedAccessException","Message":"Login to vault failed"},"Stack":"Error reference ID: b7faab5e-86fb-41d3-817f-97509086f914","Message":"Login to vault failed","IsLoggedToVault":false,"IsLoggedToApplication":true,"ExceptionName":"UnauthorizedAccessException"}

  • As I said before: this error (not the one you were getting, but this specific "login to vault failed" error) is because some of the credentials (username, password, vault GUID) are incorrect, or the token isn't correctly being added to the HTTP request.

    If you're still struggling with this and can't see what's wrong then - as a partner - you may want to log an implementation support request so that one of the US-based partner team can support you directly.

Reply
  • As I said before: this error (not the one you were getting, but this specific "login to vault failed" error) is because some of the credentials (username, password, vault GUID) are incorrect, or the token isn't correctly being added to the HTTP request.

    If you're still struggling with this and can't see what's wrong then - as a partner - you may want to log an implementation support request so that one of the US-based partner team can support you directly.

Children