Important Update: Some Community URL Redirects are Under Maintenance. Learn More. .

cancel
Showing results for 
Search instead for 
Did you mean: 

API Security Login

VarunGupta
Contributor II

Hi,

 

To receive a session token id from RSA Archer, I'm calling its security login API and receiving "LoginNotValid" over HTTP 200 response. 

Could you please suggest if Username need to be part of specific Access Control Group or any other configuration required?

I'm trying to call RSA exposed login API via Postman.

 

HTTP POST  https://<hostname>/RSAarcher1/platformapi/core/security/login

HEADER:

Accept: application/json,text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8

Content-Type: application/json

 

BODY:

{
"InstanceName":"v6.6",
"Username":"xxxxxx",
"UserDomain":"",
"Password":"xxxxxx"
}

 

RESPONSE:

{
"Links": [],
"RequestedObject": null,
"IsSuccessful": false,
"ValidationMessages": [
{
"Reason": "Validation",
"Severity": 3,
"MessageKey": "ValidationMessageTemplates:LoginNotValid",
"Description": "",
"Location": -1,
"ErroredValue": null,
"Validator": "ArcherApi.Controllers.SecurityController, ArcherApi, Version=6.6.500.1044, Culture=neutral, PublicKeyToken=null",
"XmlData": null,
"ResourcedMessage": null
}
]
}
Please suggest.
Thank You,
Varun Gupta
21 REPLIES 21

Ilya_Khen
Champion III

Varun Gupta,

 

This message mainly means that your credentials are not correct. Verify credentials, verify that domain is needed or not, verify user status just in case.

E.g. I get the same message when I purposely provide incorrect password to API.

Hi IIya,

I'm able to login to Web User Interface of RSA Archer using the same Username and Password. 

I have checked that I am part of no particular domain and my account status is active.

 

A user/application calling RSA Archer exposed APIs, need to be part of some group or domain?

 

Thank You.

Not really, especially if you were able to login.

 

Then I can think of:

1. Your password may contain some special characters which require escaping.

2. /api /platformapi nodes are not set as anonymous authentication.

Thank You IIya.

1. Password does contain special character # but I don't think that needs escaping.

2. How do I validate if /api  or /platformapi nodes are set as they should?

    Hoping by that you're pointing at API URL endpoint that contains /patformapi , since we are at v6.6 then /platformapi should be used rather /api in the API URLs, as captured in the API documentation.

 

Thank You.

Both nodes are still working as support backward compatibility for now. Kinda strange issue overall, but nevertheless the error still pointing at the credentials.

 

What if you try to use other accounts? Or other instance?

 

Kindest regards, I remain,

Ilya

Thank You IIlya. I will check try that.

 

Also, is it also true that for each API call, a new Service Account or Usename (System Administrative Role?) will be required in case I need to have multiple API calls in parallel ?

If in parallel, then yes.

Thank You IIya.

Do you know why RSA Archer can't support multi-threading for APIs?

And when will it be able to support multi-threading for APIs?

By design

Same way, why you cannot have the same user to login from different places without kicking each other. Some sort of integrity.

 

Feel free to vote for:

Multiple sessions for end users (Standard UI + PowerBI)