Thanks for the feedback and help Jens,
I will elaborate more, if you need any additional information after this please let me know.
Yes,
I have an API (which is published in the product catalog on IBM API Connect), in this API the client secret and the client ID were configured, and the plan to be able to use the API.
I have it configured in postman for testing, where in the Header I have the following parameters:
1. key: accept - value: application/json
2. key: Client-id - value: xxxxxxxxxxxxxxx
3. key: client-secret - value: yyyyyyyyyyy
Note: To be able to test through postman, it was necessary to disable SSL certificate validation
(Enable SSL certificate verification - Verify SSL certificates when sending a request. Verification failures will result in the request being aborted - OFF).
In BAW, I created an external service (using .yaml API, downloaded from API Connect) by following these steps:
1. Service-> New External Service -> "Java, Rest or Web Service"
2. Rest service from a local file -> Select The Operation name
3. Create a new Server
4. In the new Server i have this configurations
5. Hostname: *****, Port: ****, Secured Server (checked)
To test i have created a service Flow, with a service task in flow implementing operations a want to test (SearchId)
I get this error when I test (debug ou running the service flow):
CWTBG0019E: Unexpected exception during execution. Exception information:
'com.lombardisoftware.component.common.workflow.WorkflowProcessItemException: An exception occurred in activity "Script Task" of "Service ... javax.net.ssl.SSLHandshakeException: com.ibm.jsse2.util.h: PKIX path building failed: com.ibm.security.cert.IBMCertPathBuilderException:
unable to find valid certification path to requested target"
So i proceed with External service configurations:
6. In the External Server i have this configurations (Details tab, Binding tab, Source tab)
7. In the Binding tab, i have:
a. Binding type: rest
b. Server: my server created at point 3 and 4
c. Authentication through 'Cient Secret' - (here i pass the client secret value)
d. Authentication through 'Cient id' - (here i pass the client id value)
Repeating the test i have this error:
CWTBG0019E: Unexpected exception during execution. Exception information:
Service Flow" with name "Search for Document Id Number". Task instance id "Task.25659". Details: "CWXSD102SE: The operation
'searchld' with HTTP method 'GET' returned an unexpected response status code '401 with response message 'Cnauthorized"'
Any ideia or workAround?
Thanks
------------------------------
Joel Neto
------------------------------
Original Message:
Sent: Wed January 18, 2023 02:16 AM
From: Jens Engelke
Subject: CWXSD1028 - Response Code 401 Unauthorized
Hi Joel,
can you elaborate what you mean by "binding the client id and client secret as well"?
I don't think there is a feature in BAW to use a client_id and client_secret to obtain an access_token and in turn use it for calling a REST API. You may have provided these client credentials for basic auth, which is not expected to work.
Also, can you see the exact HTTP request sent by Postman in your browser's network view? Is there a request header "Authorization"? Does it start with Basic or Bearer?
------------------------------
Jens Engelke
Original Message:
Sent: Tue January 17, 2023 04:25 AM
From: Joel Neto
Subject: CWXSD1028 - Response Code 401 Unauthorized
Hi guys,
I am having a problem connecting an API (hosted on API Connect).
I have created an *External service (For a Rest api) and a Server (Rest Server) in BAW,
When testing using a ServiceFlow it gives me the error 401 Unauthorized,
although I have everything configured ( hostname, port, and i´m binding the client id and client secret as well), is there any way to solve or bypass this? meanwhile its works on Postman after disabiling the SSL configuration.
any tips?
Thanks
------------------------------
Joel Neto
------------------------------