[Koha] Koha API - Authentication Failure

Stephen Graham s.graham4 at herts.ac.uk
Tue May 18 02:59:44 NZST 2021


Could it be an issue with Apache? When we first started using the API we had an auth issue and our hosting company said:

“By default Apache strips out Authorization headers and it is necessary to explicitly tell it not to do that when you're trying to pass authorisation tokens through in the Authorization header. The Apache directive that does this is CGIPassAuth: https://httpd.apache.org/docs/trunk/mod/core.html#cgipassauth”

Could this be the issue and you need to change the Koha Apache to do this?

Stephen

From: Aswin Unnikrishnan <aswinunni01 at gmail.com>
Sent: 17 May 2021 15:53
To: Tomas Cohen Arazi <tomascohen at gmail.com>; Stephen Graham <s.graham4 at herts.ac.uk>
Cc: Discussion Group Koha <koha at lists.katipo.co.nz>
Subject: Re: [Koha] Koha API - Authentication Failure

Thanks Stephen, Tomas for the quick response.

Aswin - are you using the correct URL to call your custom endpoint? It should be under the contrib namespace e.g.

The app I am making is not part of Koha; it's a separate web app which makes calls to /api/v1/ endpoints of the Koha server.

Does the user (owner of the id/secret pair) have privileged access to Koha? Remember it needs to have permissions to enter the staff interface (the 'catalogue' permission) in order to access routes (other than those in the /api/v1/public namespace).
Yes, the user has permission set to access all librarian functions. I also tried accessing the API endpoint via browser after logging in to the staff portal with this user, and I'm getting the correct response.

I'm also not able to access api/v1/.html from the browser; it gives a 403 Error page. I checked the error logs and found this:

[authz_core:error] [pid 25846]  AH01630: client denied by server configuration: /usr/share/koha/api/v1/.html


Are there any logging systems in place which could give more info regarding the authorization failure error? Or any idea what's wrong?

Thanks,
Aswin


On Mon, 17 May 2021 at 19:13, Tomas Cohen Arazi <tomascohen at gmail.com> wrote:
Does the user (owner of the id/secret pair) have privileged access to Koha? Remember it needs to have permissions to enter the staff interface (the 'catalogue' permission) in order to access routes (other than those in the /api/v1/public namespace).

BTW: All routes also have some required permissions you should take a look at. Specific ones.

Kind regards

On Mon, 17 May 2021 at 9:40, Aswin Unnikrishnan (<aswinunni01 at gmail.com>) wrote:
Hi,

I wanted to build an app that uses the Koha API, and so I was testing it
out, but I keep getting an "Authentication Failure" error whichever endpoint
I try to access.
The steps I did are:

1. Got the client_id / secret from Koha
2. Sent a POST request to api/v1/oauth/token with required parameters and
got an "access_token" returned
3. Added the token to my authorization header with header-prefix "Bearer"
4. Sent a GET request to different endpoints, but getting the same 401
Unauthorized error code with error : Authentication failure

However, if I access one of the public endpoints like
/api/v1/biblios/{biblio_id} I can get a response

If anyone has any idea why this is happening, please let me know.

Thanks in advance,
Aswin

--
Tomás Cohen Arazi
Theke Solutions (http://theke.io)
✆ +54 9351 3513384
GPG: B2F3C15F
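
The Apache change suggested in the first message of this thread, written out as a configuration fragment. This is an added example, not part of any message in the thread and not Koha's packaged configuration; the directory path is taken from the error-log line quoted above, and that the API runs as a CGI script from that directory is an assumption.

```apache
# Added example (not from the thread, not Koha's shipped config).
# Assumption: the REST API is executed as a CGI script served from the
# directory that appears in the error-log line quoted in the thread.
<Directory "/usr/share/koha/api/v1">
    # The default is "CGIPassAuth Off": Apache withholds the Authorization
    # request header from the script's environment, so a script that
    # validates "Authorization: Bearer <token>" itself never sees the token
    # and answers 401 even though the token was issued correctly.
    #
    # "On" (Apache 2.4.13 and later) exposes the header to the script as
    # HTTP_AUTHORIZATION. It is honoured by CGI-style handlers such as
    # mod_cgi, mod_cgid, mod_proxy_fcgi and mod_proxy_scgi.
    #
    # Scope it to the API directory only, not to a broader directory such
    # as the whole document root, so unrelated scripts on the same host
    # do not receive clients' credentials.
    CGIPassAuth On
</Directory>

# Apache releases older than 2.4.13 have no CGIPassAuth. The usual
# equivalent copies the header into the environment with mod_setenvif:
# SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
```

Check the syntax with `apachectl configtest` and reload Apache before repeating the bearer-token request. If the directive is placed in an .htaccess file instead, the enclosing configuration must allow it with `AllowOverride AuthConfig`.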

