[Koha] Koha API - Authentication Failure

Aswin Unnikrishnan aswinunni01 at gmail.com
Tue May 18 05:53:11 NZST 2021


Thanks for pointing that out Stephen, I will have to look into that, it
might be the issue here.

Tomas, I am not exactly sure if we have plack running or not.  Plack seems
to be enabled, but plack logs are all empty. the logs are all at
intranet-error.log and opac-error.log

I will try out the apache CGIPass method as Stephen suggested and get back
if it works.

Thanks,
Aswin

On Mon, May 17, 2021, 9:02 PM Tomas Cohen Arazi <tomascohen at gmail.com>
wrote:

> Are you running Plack?
>
> El lun, 17 may 2021 a las 11:53, Aswin Unnikrishnan (<
> aswinunni01 at gmail.com>) escribió:
>
>> Thanks Stephen, Tomas for the quick response.
>>
>> Aswin - are you using the correct URL to call your custom endpoint. It
>>> should be under the contrib namespace e.g.
>>>
>>
>> The app i am making is not part of koha, its a seperate web app which
>> makes calls to /api/v1/ end points of the koha server.
>>
>> Does the user (owner of the id/secret pair) have privileged access to
>>> Koha? Remember it needs to have permissions to enter the staff interface
>>> (the 'catalogue' permission) in order to access routes (other than those in
>>> the /api/v1/public namespace).
>>>
>> Yes, the user has permission set to access all librarian functions, I
>> also tried accessing the api end point via browser after logging in to the
>> staff portal with this user, and im getting the correct response.
>>
>> Im also not able to access api/v1/.html from the browser, it gives a 403
>> Error page. I checked the error logs and found this
>>
>> [authz_core:error] [pid 25846]  AH01630: client denied by server
>>> configuration: /usr/share/koha/api/v1/.html
>>>
>>
>>
>> Is there any logging systems in place which could give more info
>> regarding the authorization failure error? or any idea whats wrong?
>>
>> Thanks,
>> Aswin
>>
>>
>> On Mon, 17 May 2021 at 19:13, Tomas Cohen Arazi <tomascohen at gmail.com>
>> wrote:
>>
>>> Does the user (owner of the id/secret pair) have privileged access to
>>> Koha? Remember it needs to have permissions to enter the staff interface
>>> (the 'catalogue' permission) in order to access routes (other than those in
>>> the /api/v1/public namespace).
>>>
>>> BTW: All routes also have some required permissions you should take a
>>> look at. Specific ones.
>>>
>>> Kind regards
>>>
>>> El lun, 17 may 2021 a las 9:40, Aswin Unnikrishnan (<
>>> aswinunni01 at gmail.com>) escribió:
>>>
>>>> Hi,
>>>>
>>>> I wanted to build an app that uses the koha API, and so i was testing it
>>>> out, but I keep getting "Authentication Failure" error whichever end
>>>> point
>>>> I try to access.
>>>> The steps i did are
>>>>
>>>> 1. Got the client_id / secret from koha
>>>> 2. Sent a POST request to api/v1/oauth/token with required parameters
>>>> and
>>>> got  an "access_token" returned
>>>> 3. Added the token to my authorization header with header-prefix
>>>> "Bearer"
>>>> 4. Sent a GET request to different end points, but getting the same 401
>>>> Unauthorized error code with error : Authentication failure
>>>>
>>>> However if i access one of the public end points like
>>>> /api/v1/biblios/{biblio_id} i can get a response
>>>>
>>>> If anyone has any idea why this is happening, please  let me know.
>>>>
>>>> Thanks in advance,
>>>> Aswin
>>>> _______________________________________________
>>>>
>>>> Koha mailing list  http://koha-community.org
>>>> Koha at lists.katipo.co.nz
>>>> Unsubscribe: https://lists.katipo.co.nz/mailman/listinfo/koha
>>>>
>>>
>>>
>>> --
>>> Tomás Cohen Arazi
>>> Theke Solutions (http://theke.io)
>>> ✆ +54 9351 3513384
>>> GPG: B2F3C15F
>>>
>>
>
> --
> Tomás Cohen Arazi
> Theke Solutions (http://theke.io)
> ✆ +54 9351 3513384
> GPG: B2F3C15F
>


More information about the Koha mailing list