Menu
SuiteCRM dedicated support by SalesAgility
Welcome, Guest
Username: Password: Remember me

TOPIC: API Request

API Request 4 months 1 week ago #63330

  • hopley
  • hopley's Avatar
  • Offline
  • New Member
  • Posts: 19
  • Thank you received: 1
  • Karma: 0
Followed docs for the API-Version-8.

When I run a simple test with a OAuth2 Client

From the docs
Authentication with Client Credentials

POST /api/oauth/access_token

$ch = curl_init();
$header = array(
   'Content-type: application/vnd.api+json',
   'Accept: application/vnd.api+json',`
);
$postStr = json_encode(array(
   'grant_type' => 'client_credentials',
   'client_id' => '3D7f3fda97-d8e2-b9ad-eb89-5a2fe9b07650',
   'client_secret' => 'client_secret',
   'scope' => ''
));
$url = 'https://path-to-instance/api/oauth/access_token';
curl_setopt($ch, CURLOPT_URL, url);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'POST');
curl_setopt($ch, CURLOPT_POSTFIELDS, $postStr);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, $header);
$output = curl_exec($ch);

Using my corrected URL and client_id (also have to update the line for CURLOPT_URL, $url

The response is *not* a token.

I get
the response(output):
{"error":"invalid_client","message":"Client authentication failed"}


In the logs --> "POST /{{INSTANCE}}/api/oauth/access_token HTTP/1.1" 401 67 "-" "-"

1) How can I test and confirm the function of the v8 API ?

What other details should I provide? (php v7.2.4 , PCRE 8.41 ) SuiteCRM 7.10.2

Any pointers or additional details beyond the docs at docs.suitecrm.com/developer/api/version-8/ ?

thanks for your time
The administrator has disabled public write access.

API Request 4 months 1 week ago #63334

  • brendanb
  • brendanb's Avatar
  • Offline
  • Junior Member
  • Posts: 28
  • Thank you received: 2
  • Karma: 0
Hey,

To test I have been using Postman. Ive been using this to get a grip on what the request and response is:

For exmaple: Here is my Login request to Grab a token
Attachments:
The administrator has disabled public write access.

API Request 4 months 1 week ago #63335

  • brendanb
  • brendanb's Avatar
  • Offline
  • Junior Member
  • Posts: 28
  • Thank you received: 2
  • Karma: 0
And here an example of returning an opportunity record
Attachments:
The administrator has disabled public write access.

API Request 4 months 1 week ago #63336

  • hopley
  • hopley's Avatar
  • Offline
  • New Member
  • Posts: 19
  • Thank you received: 1
  • Karma: 0
Hi BrendaB!

thanks I may have to check out postman too.

I see from the screen grab you have the username/password set up. I believed for the client_credentials that was not needed.

Did I miss something? A goal was that I could create OAuth2 Clients that were independent of a user.

As a simple test I want to have some .php that I can call and get an access_token.

I would follow that up with more active requests.

I am having success with other OAuth2 servers using my Golang code

though at this point a simple .php client calling SuiteCRM is giving the error I noted earlier.

I appreciate your feedback. Is there more detail I can put out or is there more examples to
review? I am not sure why the auth fails.

I hope your weekend goes great
The administrator has disabled public write access.

API Request 4 months 1 week ago #63337

  • brendanb
  • brendanb's Avatar
  • Offline
  • Junior Member
  • Posts: 28
  • Thank you received: 2
  • Karma: 0
Hi,

Good point on the uname & password. I did this and it worked still.

So, im working in C# to call the API to do various changes/updates/linking.

Im calling the login which returns a token, then im using this throughout the rest of the series of calls.

Question:
Are you testing in postman and is this returning the error messages?

Originally I had setup suitecrm with nginx as the http server. This caused issues with the api just not working. So I eneded up going back to apache.

Question:
Can you at least hit the swagger list?
Attachments:
Last Edit: 4 months 1 week ago by brendanb.
The administrator has disabled public write access.

API Request 4 months 1 week ago #63338

  • hopley
  • hopley's Avatar
  • Offline
  • New Member
  • Posts: 19
  • Thank you received: 1
  • Karma: 0
BrendanB -- please excuse my junior details or mis-speak if I have below. I am just starting out with the API ...

So,

Yes. The php is doing a 'POST'. I put a reflection of the code in the initial message. Below (with some abstraction) is the file I was using to call.

The server is behind an apache server. Here a few details for us all to review and have on record:

(Server version: Apache/2.2.34 (Unix))

PHP Version 7.2.4
OpenSSL Library Version OpenSSL 1.0.2k-fips 26 Jan 2017
PCRE Library Version 8.41 2017-07-05
SuiteCRM 7.10.2


Let me know if I can add anything in addition that would be of help to know about, OK?

RE: swagger list... Is that making the call to api/v8/swagger.json ?

THEN, IF so ==> yes

I had left the client_secret blank ( on earlier unsuccessful tests I created and used a value but made no difference so now none to simplify ....)

###
.php called as php -f auth_test.php


<?php
$ch = curl_init();
$header = array(
'Content-type: application/vnd.api+json',
'Accept: application/vnd.api+json',
);
$postStr = json_encode(array(
'grant_type' => 'client_credentials',
'client_id' => '{{GUID}}',
'client_secret' => '',
'scope' => ''
));

$url = 'https://{{HOSTTNAME}}/{{INSTANCE}}/api/oauth/access_token';
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'POST');
curl_setopt($ch, CURLOPT_POSTFIELDS, $postStr);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, $header);
$output = curl_exec($ch);
echo "the response(output):\n";
print($output);
$txt = "\ncompleted\n";
echo $txt;
#for review
print($postStr);
?>


###

output ==> {"error":"invalid_client","message":"Client authentication failed"}

I wanted to just have simple .php file as that provides a means for simple testing and
i think more like what I will be doing for code (that is I will not use postman to run my code .. hope that seems reasonable).

thanks for your eyes on this / feedback
The administrator has disabled public write access.

API Request 4 months 1 week ago #63339

  • brendanb
  • brendanb's Avatar
  • Offline
  • Junior Member
  • Posts: 28
  • Thank you received: 2
  • Karma: 0
Right,

Cool, So I took your code and out this onto my dev box to see if it worked. I can confirm it works fine. Returned a token to the screen in json.

I just changed a few things namely:

client_id
client_secret
url
<?php
$ch = curl_init();
$header = array(
'Content-type: application/vnd.api+json',
'Accept: application/vnd.api+json',
);
$postStr = json_encode(array(
'grant_type' => 'client_credentials',
'client_id' => 'c9b554f6-2a67-5d9d-f4e5-5ab97c2f1308',
'client_secret' => 'mysecret',
'scope' => ''
));

$url = 'http://www.mysite.com/api/oauth/access_token';
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'POST');
curl_setopt($ch, CURLOPT_POSTFIELDS, $postStr);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, $header);
$output = curl_exec($ch);
echo "the response(output):\n";
print($output);
$txt = "\ncompleted\n";
echo $txt;
#for review
print($postStr);
?>
The administrator has disabled public write access.
The following user(s) said Thank You: hopley

API Request 4 months 1 week ago #63340

  • hopley
  • hopley's Avatar
  • Offline
  • New Member
  • Posts: 19
  • Thank you received: 1
  • Karma: 0
Great news! But bleech. So my server is meh

I will need to turn back to it and dig in.

A few questions:

a) What are your server details (suite, php , httpd etc.) IF you are OK with that detail.

b) was there any configuration / set up / tweaking / edits or ninja work you did to get it going?

In advance for your time - thanks again

I am glad the that .php works that leave some comfort
The administrator has disabled public write access.

API Request 4 months 1 week ago #63341

  • brendanb
  • brendanb's Avatar
  • Offline
  • Junior Member
  • Posts: 28
  • Thank you received: 2
  • Karma: 0
Sure,

I just setup a linode server, just a basic vm.

I used a guide very similar to the following link

www.tecmint.com/install-suitecrm-in-centos-and-ubuntu/

Nothing special with setup.

my Apache.conf looks like:
<VirtualHost *:80>

        ServerAdmin admin@sitename.com.au
        DocumentRoot /var/www/suitecrm-development/
        ServerName crm.sitename.com.au
        ServerAlias crm.sitename.com.au

        <Directory /var/www/suitecrm-development/>

                Options FollowSymLinks
                AllowOverride All
                Order allow,deny
                allow from all

        </Directory>

        ErrorLog ${APACHE_LOG_DIR}/suitecrm_development.error.log
        CustomLog ${APACHE_LOG_DIR}/suitecrm_development.access.log combined

</VirtualHost>

Regards
The administrator has disabled public write access.

API Request 4 months 1 week ago #63342

  • hopley
  • hopley's Avatar
  • Offline
  • New Member
  • Posts: 19
  • Thank you received: 1
  • Karma: 0
Got it. I will step back and review my server.
The administrator has disabled public write access.

API Request 4 months 6 days ago #63383

  • brendanb
  • brendanb's Avatar
  • Offline
  • Junior Member
  • Posts: 28
  • Thank you received: 2
  • Karma: 0
Hi,

Just an fyi.

I just setup a new production server the other day. I just started using the API and when sending requests via postman they were failing with 404.

To resolve this I simply rebuilt the .htaccess file from admin. This resolved the issue

Regards
The administrator has disabled public write access.

API Request 4 months 5 days ago #63445

  • hopley
  • hopley's Avatar
  • Offline
  • New Member
  • Posts: 19
  • Thank you received: 1
  • Karma: 0
I initially had issues there to . The .htaccess rebuild was need for some redirects for ^api(.*) -> lib/SuiteCRM/API/public/index.php/$1

This is in place.

I still get => {"error":"invalid_client","message":"Client authentication failed"}
In response to my simple request.
The administrator has disabled public write access.

API Request 4 months 5 days ago #63446

  • hopley
  • hopley's Avatar
  • Offline
  • New Member
  • Posts: 19
  • Thank you received: 1
  • Karma: 0
ping

Any one have thoughts or feedback on this? How can I DEBUG deeper? Can I provide any additional details?

When I increased the debug level in the logs I see (snippet below) some queries to the database. I also note that keys
are being created but seem not used or not valid. My test .php client get this response = > {"error":"invalid_client","message":"Client authentication failed"}

### from log

Mon Apr 9 07:58:50 2018 [607][-none-][DEBUG] Hook called: OAuth2Clients::before_retrieve
Mon Apr 9 07:58:50 2018 [607][-none-][DEBUG] Retrieve OAuth2Clients : SELECT oauth2clients.* FROM oauth2clients WHERE oauth2clients.id = '{{SOME_GUID_THAT IS FOUND}}' AND oauth2clients.deleted=0
Mon Apr 9 07:58:50 2018 [607][-none-][DEBUG] Limit Query:SELECT oauth2clients.* FROM oauth2clients WHERE oauth2clients.id = '{{SOME_GUID_THAT IS FOUND}}' AND oauth2clients.deleted=0 Start: 0 count: 1
Mon Apr 9 07:58:50 2018 [607][-none-][INFO] Query:SELECT oauth2clients.* FROM oauth2clients WHERE oauth2clients.id = '{{SOME_GUID_THAT IS FOUND}}' AND oauth2clients.deleted=0 LIMIT 0,1


Thanks for looking at this
The administrator has disabled public write access.

API Request 4 months 5 days ago #63451

  • brendanb
  • brendanb's Avatar
  • Offline
  • Junior Member
  • Posts: 28
  • Thank you received: 2
  • Karma: 0
What version of suitecrm are you running?

I'm on 7.10.2

Did you try and rebuild server using the guide in the link I posted in previous message

Regards
The administrator has disabled public write access.

API Request 4 months 5 days ago #63452

  • hopley
  • hopley's Avatar
  • Offline
  • New Member
  • Posts: 19
  • Thank you received: 1
  • Karma: 0
I am on v7.10.2 as well.

A small update: One of the developers asked to have the TZ setting in PHP set to UTC and that
has made a difference in getting a success. More as I have details. Not sure why, unless it has
to do with timeouts.
The administrator has disabled public write access.
Time to create page: 0.132 seconds
Powered by Kunena Forum