[Koha] Koha rest API OAuth authentication fails

Coehoorn, Joel jcoehoorn at york.edu
Sat Dec 2 06:50:57 NZDT 2023


I asked a question yesterday about API access to setup EBSCO catalog sync,
and that is moving forward now, as they will be using the public API.

While working on that I also spent some time looking at the other API
endpoints. I am able to use the authenticated APIs, but only if I login via
our normal SAML SSO process first and then make the API calls on the
authenticated session. I would like to eventually be able to use OAuth for
some things here. However, I was not able to make OAuth work.

Specifically, I am able to successfully request a token and set it with
"Bearer " in the Authorization header, but no matter what I try I get 401
response with {"error":"Authentication failure."}.  I've tried powershell
and Postman from my own machine, and curl while logged into the koha server
directly, but nothing I do seems to change anything.

The user owning the API keys used with the request definitely has the
needed permissions, and I even tried issuing an API key for a
superlibrarian just to be sure. The RestPublicAPI
and RESTOAuth2ClientCredentials system preferences are both enabled.

What could I be missing?

*Joel Coehoorn*
Director of Information Technology
*York University*
Office: 402-363-5603 | jcoehoorn at york.edu | york.edu

*Please contact helpdesk at york.edu <helpdesk at york.edu> for technical
assistance.*


The mission of York University is to transform lives through
Christ-centered education and to equip students for lifelong service to
God, family, and society


More information about the Koha mailing list