Menu

Welcome, Guest
Username: Password: Remember me

TOPIC: Missing \"Authorization\" header issue

Missing \"Authorization\" header issue 5 days 15 hours ago #69234

  • nairit84
  • nairit84's Avatar
  • Offline
  • New Member
  • Posts: 5
  • Karma: 0
Hello everyone,

Installed Bitnami version of Suite CRM.

Was able to obtain access_toke, but not able to geting any request to API with 401 Unauthorized response and body

{
"error": "access_denied",
"message": "The resource owner or authorization server denied the request.",
"hint": "Missing \"Authorization\" header"
}


Content of httd-app.conf
<IfDefine USE_PHP_FPM>
    <Proxy "unix:/opt/bitnami/php/var/run/suitecrm.sock|fcgi://suitecrm-fpm" timeout=300>
    </Proxy>
</IfDefine>

<Directory "/opt/bitnami/apps/suitecrm/htdocs">
    Options +MultiViews
    AllowOverride All
    <IfVersion < 2.3 >
        Order allow,deny
        Allow from all
    </IfVersion>
    <IfVersion >= 2.3>
        Require all granted
    </IfVersion>
    
    
    <IfModule php7_module>
            php_value upload_max_filesize 60M
php_value post_max_size 60M
php_value memory_limit 256M

    </IfModule>

    <IfDefine USE_PHP_FPM>
<IfModule pagespeed_module>
    ModPagespeed off
</IfModule>

       <FilesMatch \.php$>
         SetHandler "proxy:fcgi://suitecrm-fpm"
       </FilesMatch>
    </IfDefine>

    Include "/opt/bitnami/apps/suitecrm/conf/banner.conf"
</Directory>

and .htaccess
# BEGIN SUGARCRM RESTRICTIONS
RedirectMatch 403 .*\.log$
RedirectMatch 403 /+not_imported_.*\.txt
RedirectMatch 403 /+(soap|cache|xtemplate|data|examples|include|log4php|metadata|modules)/+.*\.(php|tpl)
RedirectMatch 403 /+emailmandelivery\.php
RedirectMatch 403 /+upload
RedirectMatch 403 /+custom/+blowfish
RedirectMatch 403 /+cache/+diagnostic
RedirectMatch 403 /+files\.md5$
# END SUGARCRM RESTRICTIONS
<IfModule mod_rewrite.c>
    Options +FollowSymLinks
    RewriteEngine On
    #RewriteBase /suitecrm
    RewriteRule ^cache/jsLanguage/(.._..).js$ index.php?entryPoint=jslang&modulename=app_strings&lang=$1 [L,QSA]
    RewriteRule ^cache/jsLanguage/(\w*)/(.._..).js$ index.php?entryPoint=jslang&modulename=$1&lang=$2 [L,QSA]
    RewriteRule ^api/(.*?)$ lib/API/public/index.php/$1 [L]
    RewriteRule ^api/(.*)$ - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
</IfModule>
<FilesMatch "\.(jpg|png|gif|js|css|ico)$">
        <IfModule mod_headers.c>
                Header set ETag ""
                Header set Cache-Control "max-age=2592000"
                Header set Expires "01 Jan 2112 00:00:00 GMT"
        </IfModule>
</FilesMatch>
<IfModule mod_expires.c>
        ExpiresByType text/css "access plus 1 month"
        ExpiresByType text/javascript "access plus 1 month"
        ExpiresByType application/x-javascript "access plus 1 month"
        ExpiresByType image/gif "access plus 1 month"
        ExpiresByType image/jpg "access plus 1 month"
        ExpiresByType image/png "access plus 1 month"
</IfModule>
The administrator has disabled public write access.

Missing \"Authorization\" header issue 5 days 13 hours ago #69241

  • pgr
  • pgr's Avatar
  • Offline
  • Administrator
  • Posts: 6868
  • Thank you received: 1048
  • Karma: 244
Normally there is no need to mess with .htaccess when installing SuiteCRM.

I've installed SuiteCRM on Ubuntu 16.04 in Azure in about 10 minutes. Not in Bitnami, that makes things more difficult.

I just do
apt install lamp-server^

and then the rest of the normal steps as in suitecrm.com/suitecrm/forum/installation...ubuntu-16-04-1#45976
The administrator has disabled public write access.

Missing \"Authorization\" header issue 5 days 13 hours ago #69244

  • nairit84
  • nairit84's Avatar
  • Offline
  • New Member
  • Posts: 5
  • Karma: 0
Probably this a solution, but to check it need to start from scratch, maybe someone knows how it could be solved.
The administrator has disabled public write access.

Missing \"Authorization\" header issue 5 days 13 hours ago #69250

  • pgr
  • pgr's Avatar
  • Offline
  • Administrator
  • Posts: 6868
  • Thank you received: 1048
  • Karma: 244
Which API are you trying to use, v4 or v8?

And which SuiteCRM version?

Is the rest of the app working well?

There might be something wrong with your API request, not necessarily a .htaccess problem...
Last Edit: 5 days 13 hours ago by pgr. Reason: add sentence
The administrator has disabled public write access.

Missing \"Authorization\" header issue 5 days 13 hours ago #69255

  • nairit84
  • nairit84's Avatar
  • Offline
  • New Member
  • Posts: 5
  • Karma: 0
I am using API version 8.

I am able to call /api/v8/swagger.json and getting 200 OK with huge json response and also as I sad able to get access_token trough /api/oauth/access_token and Web App also working, so it seems it is working fine.
But when trying to get response from those modules endpoints using token always get "Missing \"Authorization\" header"
The administrator has disabled public write access.

Missing \"Authorization\" header issue 5 days 12 hours ago #69260

  • djsamson
  • djsamson's Avatar
  • Offline
  • Administrator
  • Posts: 154
  • Thank you received: 34
  • Karma: 4
Hi,

Once you have authenticated with OAuth 2 Server, It will send you the access token in the response with the time out in seconds.


Each time you access the API resources on SuiteCRM, you need to include the access token in the Authorization header like
Authorization: Bearer token-string
The administrator has disabled public write access.

Missing \"Authorization\" header issue 5 days 11 hours ago #69266

  • nairit84
  • nairit84's Avatar
  • Offline
  • New Member
  • Posts: 5
  • Karma: 0
Sorry I didn't mention that I am definitely sending this header along with request.
The administrator has disabled public write access.
Time to create page: 0.096 seconds
Powered by Kunena Forum