[Koha] Koha API - Authentication Failure

Tomas Cohen Arazi tomascohen at gmail.com
Tue May 18 06:18:02 NZST 2021


Check the plack*.log files in the logs

El lun., 17 may. 2021 14:53, Aswin Unnikrishnan <aswinunni01 at gmail.com>
escribió:

> Thanks for pointing that out Stephen, I will have to look into that, it
> might be the issue here.
>
> Tomas, I am not exactly sure if we have plack running or not.  Plack seems
> to be enabled, but plack logs are all empty. the logs are all at
> intranet-error.log and opac-error.log
>
> I will try out the apache CGIPass method as Stephen suggested and get back
> if it works.
>
> Thanks,
> Aswin
>
> On Mon, May 17, 2021, 9:02 PM Tomas Cohen Arazi <tomascohen at gmail.com>
> wrote:
>
>> Are you running Plack?
>>
>> El lun, 17 may 2021 a las 11:53, Aswin Unnikrishnan (<
>> aswinunni01 at gmail.com>) escribió:
>>
>>> Thanks Stephen, Tomas for the quick response.
>>>
>>> Aswin - are you using the correct URL to call your custom endpoint. It
>>>> should be under the contrib namespace e.g.
>>>>
>>>
>>> The app i am making is not part of koha, its a seperate web app which
>>> makes calls to /api/v1/ end points of the koha server.
>>>
>>> Does the user (owner of the id/secret pair) have privileged access to
>>>> Koha? Remember it needs to have permissions to enter the staff interface
>>>> (the 'catalogue' permission) in order to access routes (other than those in
>>>> the /api/v1/public namespace).
>>>>
>>> Yes, the user has permission set to access all librarian functions, I
>>> also tried accessing the api end point via browser after logging in to the
>>> staff portal with this user, and im getting the correct response.
>>>
>>> Im also not able to access api/v1/.html from the browser, it gives a
>>> 403  Error page. I checked the error logs and found this
>>>
>>> [authz_core:error] [pid 25846]  AH01630: client denied by server
>>>> configuration: /usr/share/koha/api/v1/.html
>>>>
>>>
>>>
>>> Is there any logging systems in place which could give more info
>>> regarding the authorization failure error? or any idea whats wrong?
>>>
>>> Thanks,
>>> Aswin
>>>
>>>
>>> On Mon, 17 May 2021 at 19:13, Tomas Cohen Arazi <tomascohen at gmail.com>
>>> wrote:
>>>
>>>> Does the user (owner of the id/secret pair) have privileged access to
>>>> Koha? Remember it needs to have permissions to enter the staff interface
>>>> (the 'catalogue' permission) in order to access routes (other than those in
>>>> the /api/v1/public namespace).
>>>>
>>>> BTW: All routes also have some required permissions you should take a
>>>> look at. Specific ones.
>>>>
>>>> Kind regards
>>>>
>>>> El lun, 17 may 2021 a las 9:40, Aswin Unnikrishnan (<
>>>> aswinunni01 at gmail.com>) escribió:
>>>>
>>>>> Hi,
>>>>>
>>>>> I wanted to build an app that uses the koha API, and so i was testing
>>>>> it
>>>>> out, but I keep getting "Authentication Failure" error whichever end
>>>>> point
>>>>> I try to access.
>>>>> The steps i did are
>>>>>
>>>>> 1. Got the client_id / secret from koha
>>>>> 2. Sent a POST request to api/v1/oauth/token with required parameters
>>>>> and
>>>>> got  an "access_token" returned
>>>>> 3. Added the token to my authorization header with header-prefix
>>>>> "Bearer"
>>>>> 4. Sent a GET request to different end points, but getting the same 401
>>>>> Unauthorized error code with error : Authentication failure
>>>>>
>>>>> However if i access one of the public end points like
>>>>> /api/v1/biblios/{biblio_id} i can get a response
>>>>>
>>>>> If anyone has any idea why this is happening, please  let me know.
>>>>>
>>>>> Thanks in advance,
>>>>> Aswin
>>>>> _______________________________________________
>>>>>
>>>>> Koha mailing list  http://koha-community.org
>>>>> Koha at lists.katipo.co.nz
>>>>> Unsubscribe: https://lists.katipo.co.nz/mailman/listinfo/koha
>>>>>
>>>>
>>>>
>>>> --
>>>> Tomás Cohen Arazi
>>>> Theke Solutions (http://theke.io)
>>>> ✆ +54 9351 3513384
>>>> GPG: B2F3C15F
>>>>
>>>
>>
>> --
>> Tomás Cohen Arazi
>> Theke Solutions (http://theke.io)
>> ✆ +54 9351 3513384
>> GPG: B2F3C15F
>>
>


More information about the Koha mailing list