[Koha] Koha API - Authentication Failure

Aswin Unnikrishnan aswinunni01 at gmail.com
Tue May 18 02:52:53 NZST 2021


Thanks Stephen, Tomas for the quick response.

Aswin - are you using the correct URL to call your custom endpoint. It
> should be under the contrib namespace e.g.
>

The app i am making is not part of koha, its a seperate web app which makes
calls to /api/v1/ end points of the koha server.

Does the user (owner of the id/secret pair) have privileged access to Koha?
> Remember it needs to have permissions to enter the staff interface (the
> 'catalogue' permission) in order to access routes (other than those in the
> /api/v1/public namespace).
>
Yes, the user has permission set to access all librarian functions, I also
tried accessing the api end point via browser after logging in to the staff
portal with this user, and im getting the correct response.

Im also not able to access api/v1/.html from the browser, it gives a 403
Error page. I checked the error logs and found this

[authz_core:error] [pid 25846]  AH01630: client denied by server
> configuration: /usr/share/koha/api/v1/.html
>


Is there any logging systems in place which could give more info regarding
the authorization failure error? or any idea whats wrong?

Thanks,
Aswin


On Mon, 17 May 2021 at 19:13, Tomas Cohen Arazi <tomascohen at gmail.com>
wrote:

> Does the user (owner of the id/secret pair) have privileged access to
> Koha? Remember it needs to have permissions to enter the staff interface
> (the 'catalogue' permission) in order to access routes (other than those in
> the /api/v1/public namespace).
>
> BTW: All routes also have some required permissions you should take a look
> at. Specific ones.
>
> Kind regards
>
> El lun, 17 may 2021 a las 9:40, Aswin Unnikrishnan (<aswinunni01 at gmail.com>)
> escribió:
>
>> Hi,
>>
>> I wanted to build an app that uses the koha API, and so i was testing it
>> out, but I keep getting "Authentication Failure" error whichever end point
>> I try to access.
>> The steps i did are
>>
>> 1. Got the client_id / secret from koha
>> 2. Sent a POST request to api/v1/oauth/token with required parameters and
>> got  an "access_token" returned
>> 3. Added the token to my authorization header with header-prefix "Bearer"
>> 4. Sent a GET request to different end points, but getting the same 401
>> Unauthorized error code with error : Authentication failure
>>
>> However if i access one of the public end points like
>> /api/v1/biblios/{biblio_id} i can get a response
>>
>> If anyone has any idea why this is happening, please  let me know.
>>
>> Thanks in advance,
>> Aswin
>> _______________________________________________
>>
>> Koha mailing list  http://koha-community.org
>> Koha at lists.katipo.co.nz
>> Unsubscribe: https://lists.katipo.co.nz/mailman/listinfo/koha
>>
>
>
> --
> Tomás Cohen Arazi
> Theke Solutions (http://theke.io)
> ✆ +54 9351 3513384
> GPG: B2F3C15F
>


More information about the Koha mailing list