Cognos Analytics

Hello,

I want to use the new REST API controllers to upload Excel and CSV files from a 3rd party application.
However, any attempt to log in to the Cognos system using the REST controller /api/session fails.
(I use the REST tool POSTMAN)

URL:
http://<bi server hostname>:9300/bi/api/session

Method:
PUT

Header:
accept = application/json
content-type = application/json

Body:
{
"parameters": [
{
"name": "CAMNamespace"
"value": "<LDAP ID>"
},
{
"name": "CAMUsername"
"value": "<username>"
},
{
"name": "CAMPassword."
"value": "<password>"
}
]
}

I always get a "403 forbidden" error
If I test the same parameters in swagger, this works.

does anyone have an idea or experience with the REST controllers?

Best regards

Martin Braun

------------------------------
Martin Braun
------------------------------

Martin,

I am having the same issue that you describe.  I have tried getting it to work with Postman and SoapUI without any luck.  Did you ever get this working, or does anybody have any suggestions?

Doug

------------------------------
Doug Williams
------------------------------

Original Message:
Sent: Sat August 15, 2020 12:47 PM
From: Martin Braun
Subject: REST API logon

Hello,

I want to use the new REST API controllers to upload Excel and CSV files from a 3rd party application.
However, any attempt to log in to the Cognos system using the REST controller /api/session fails.
(I use the REST tool POSTMAN)

URL:
http://<bi server hostname>:9300/bi/api/session

Method:
PUT

Header:
accept = application/json
content-type = application/json

Body:
{
"parameters": [
{
"name": "CAMNamespace"
"value": "<LDAP ID>"
},
{
"name": "CAMUsername"
"value": "<username>"
},
{
"name": "CAMPassword."
"value": "<password>"
}
]
}

I always get a "403 forbidden" error
If I test the same parameters in swagger, this works.

does anyone have an idea or experience with the REST controllers?

Best regards

Martin Braun

------------------------------
Martin Braun
------------------------------

Hi Doug & Martin,

By default, Cognos requires an additional cookie, 'X-XSRF-TOKEN' The value of this token is returned if you do your first call to /login

You can either implement that, of for the quick fix, disable the X-XSRF check:

1. Open the Windows Services window and stop the IBM Cognos service.

2. Open the file installation_location\wlp\usr\servers\cognosserver\bootstrap.properties.

3. Add the following line:

   disableXSRFCheck=true

4. Save the file.

5. Restart the IBM Cognos service
   
   Rgds,
   Reinier

------------------------------
Reinier Battenberg
https://github.com/CognosExt
------------------------------

Original Message:
Sent: Tue January 12, 2021 05:17 PM
From: Doug Williams
Subject: REST API logon

Martin,

I am having the same issue that you describe.  I have tried getting it to work with Postman and SoapUI without any luck.  Did you ever get this working, or does anybody have any suggestions?

Doug

------------------------------
Doug Williams

Original Message:
Sent: Sat August 15, 2020 12:47 PM
From: Martin Braun
Subject: REST API logon

Hello,

I want to use the new REST API controllers to upload Excel and CSV files from a 3rd party application.
However, any attempt to log in to the Cognos system using the REST controller /api/session fails.
(I use the REST tool POSTMAN)

URL:
http://<bi server hostname>:9300/bi/api/session

Method:
PUT

Header:
accept = application/json
content-type = application/json

Body:
{
"parameters": [
{
"name": "CAMNamespace"
"value": "<LDAP ID>"
},
{
"name": "CAMUsername"
"value": "<username>"
},
{
"name": "CAMPassword."
"value": "<password>"
}
]
}

I always get a "403 forbidden" error
If I test the same parameters in swagger, this works.

does anyone have an idea or experience with the REST controllers?

Best regards

Martin Braun

------------------------------
Martin Braun
------------------------------

Martin,

I wrote an article on how to log in and utilize the new REST APIs using Python. The example might help since you will ultimately wish to move from Postman into an actual scripting language.

https://www.linkedin.com/pulse/scripting-new-rest-api-ibm-cognos-analytics-robert-hofstetter/

------------------------------
Robert Hofstetter
------------------------------

Original Message:
Sent: Sat August 15, 2020 12:47 PM
From: Martin Braun
Subject: REST API logon

Hello,

I want to use the new REST API controllers to upload Excel and CSV files from a 3rd party application.
However, any attempt to log in to the Cognos system using the REST controller /api/session fails.
(I use the REST tool POSTMAN)

URL:
http://<bi server hostname>:9300/bi/api/session

Method:
PUT

Header:
accept = application/json
content-type = application/json

Body:
{
"parameters": [
{
"name": "CAMNamespace"
"value": "<LDAP ID>"
},
{
"name": "CAMUsername"
"value": "<username>"
},
{
"name": "CAMPassword."
"value": "<password>"
}
]
}

I always get a "403 forbidden" error
If I test the same parameters in swagger, this works.

does anyone have an idea or experience with the REST controllers?

Best regards

Martin Braun

------------------------------
Martin Braun
------------------------------

Thanks, Reinier and Robert.

I was able to get the initial Session Put to work in SoapUI yesterday by adding the credential information as a JSON string instead of individual parameters.


------------------------------
Doug Williams
------------------------------

Original Message:
Sent: Thu January 14, 2021 09:40 AM
From: Robert Hofstetter
Subject: REST API logon

Martin,

I wrote an article on how to log in and utilize the new REST APIs using Python. The example might help since you will ultimately wish to move from Postman into an actual scripting language.

https://www.linkedin.com/pulse/scripting-new-rest-api-ibm-cognos-analytics-robert-hofstetter/

------------------------------
Robert Hofstetter

Original Message:
Sent: Sat August 15, 2020 12:47 PM
From: Martin Braun
Subject: REST API logon

Hello,

I want to use the new REST API controllers to upload Excel and CSV files from a 3rd party application.
However, any attempt to log in to the Cognos system using the REST controller /api/session fails.
(I use the REST tool POSTMAN)

URL:
http://<bi server hostname>:9300/bi/api/session

Method:
PUT

Header:
accept = application/json
content-type = application/json

Body:
{
"parameters": [
{
"name": "CAMNamespace"
"value": "<LDAP ID>"
},
{
"name": "CAMUsername"
"value": "<username>"
},
{
"name": "CAMPassword."
"value": "<password>"
}
]
}

I always get a "403 forbidden" error
If I test the same parameters in swagger, this works.

does anyone have an idea or experience with the REST controllers?

Best regards

Martin Braun

------------------------------
Martin Braun
------------------------------

Dear Doug, 

Have you tried this Swagger API Test Page after clearing the Cookies. Try it and then Restart the Cognos Server . hope it will work

------------------------------
Adnan Sheeraz
------------------------------

Original Message:
Sent: Thu January 14, 2021 10:23 AM
From: Doug Williams
Subject: REST API logon

Thanks, Reinier and Robert.

I was able to get the initial Session Put to work in SoapUI yesterday by adding the credential information as a JSON string instead of individual parameters.

Now I am not able to get any of the get requests to work.  I have taken XSRF-Token cookie returned from the Session Put into the header of a GET request, say for /api/v1/files.  When I submit that, I get an "Authorization Required" response.  When I look at the network activity when using the Swagger API Test Page, I see that there is also a Cookie parameter in the header that seems to contain all of the Set-Cookie information returned in the Session PUT response header.  So is that also required?

Doug

------------------------------
Doug Williams

Original Message:
Sent: Thu January 14, 2021 09:40 AM
From: Robert Hofstetter
Subject: REST API logon

Martin,

I wrote an article on how to log in and utilize the new REST APIs using Python. The example might help since you will ultimately wish to move from Postman into an actual scripting language.

https://www.linkedin.com/pulse/scripting-new-rest-api-ibm-cognos-analytics-robert-hofstetter/

------------------------------
Robert Hofstetter

Original Message:
Sent: Sat August 15, 2020 12:47 PM
From: Martin Braun
Subject: REST API logon

Hello,

I want to use the new REST API controllers to upload Excel and CSV files from a 3rd party application.
However, any attempt to log in to the Cognos system using the REST controller /api/session fails.
(I use the REST tool POSTMAN)

URL:
http://<bi server hostname>:9300/bi/api/session

Method:
PUT

Header:
accept = application/json
content-type = application/json

Body:
{
"parameters": [
{
"name": "CAMNamespace"
"value": "<LDAP ID>"
},
{
"name": "CAMUsername"
"value": "<username>"
},
{
"name": "CAMPassword."
"value": "<password>"
}
]
}

I always get a "403 forbidden" error
If I test the same parameters in swagger, this works.

does anyone have an idea or experience with the REST controllers?

Best regards

Martin Braun

------------------------------
Martin Braun
------------------------------

Hi Adnan,

The Swagger API test page works fine.  It's getting the requests to work using Postman or SoapUI where I'm having problems.  I can create a Session using the PUT /api/v1/session request, but haven't been able to get any of the GET requests to work using the XSRF-TOKEN in the response.  It seems that the other cookies in the response are used also, but I haven't verified that.

------------------------------
Doug Williams
------------------------------

Original Message:
Sent: Fri January 15, 2021 04:12 AM
From: Adnan Sheeraz
Subject: REST API logon

Dear Doug, 

Have you tried this Swagger API Test Page after clearing the Cookies. Try it and then Restart the Cognos Server . hope it will work

------------------------------
Adnan Sheeraz

Original Message:
Sent: Thu January 14, 2021 10:23 AM
From: Doug Williams
Subject: REST API logon

Thanks, Reinier and Robert.

I was able to get the initial Session Put to work in SoapUI yesterday by adding the credential information as a JSON string instead of individual parameters.

Now I am not able to get any of the get requests to work.  I have taken XSRF-Token cookie returned from the Session Put into the header of a GET request, say for /api/v1/files.  When I submit that, I get an "Authorization Required" response.  When I look at the network activity when using the Swagger API Test Page, I see that there is also a Cookie parameter in the header that seems to contain all of the Set-Cookie information returned in the Session PUT response header.  So is that also required?

Doug

------------------------------
Doug Williams

Original Message:
Sent: Thu January 14, 2021 09:40 AM
From: Robert Hofstetter
Subject: REST API logon

Martin,

I wrote an article on how to log in and utilize the new REST APIs using Python. The example might help since you will ultimately wish to move from Postman into an actual scripting language.

https://www.linkedin.com/pulse/scripting-new-rest-api-ibm-cognos-analytics-robert-hofstetter/

------------------------------
Robert Hofstetter

Original Message:
Sent: Sat August 15, 2020 12:47 PM
From: Martin Braun
Subject: REST API logon

Hello,

I want to use the new REST API controllers to upload Excel and CSV files from a 3rd party application.
However, any attempt to log in to the Cognos system using the REST controller /api/session fails.
(I use the REST tool POSTMAN)

URL:
http://<bi server hostname>:9300/bi/api/session

Method:
PUT

Header:
accept = application/json
content-type = application/json

Body:
{
"parameters": [
{
"name": "CAMNamespace"
"value": "<LDAP ID>"
},
{
"name": "CAMUsername"
"value": "<username>"
},
{
"name": "CAMPassword."
"value": "<password>"
}
]
}

I always get a "403 forbidden" error
If I test the same parameters in swagger, this works.

does anyone have an idea or experience with the REST controllers?

Best regards

Martin Braun

------------------------------
Martin Braun
------------------------------

Hi Doug, 

when I worked with REST API I found out, that I have to pass whole cookies set which I received from PUT /api/v1/session. You also have to add new header X-XSRF-TOKEN with value of XSRF-TOKEN which you received from PUT statement.

Then the other requests to the CA REST API are working fine. When I used only X-XSRF-TOKEN itself (without reusing cookies set from put statement), then I received "Authorization Required." error message.

------------------------------
Jiri Smrz
------------------------------

Original Message:
Sent: Fri January 15, 2021 09:57 AM
From: Doug Williams
Subject: REST API logon

Hi Adnan,

The Swagger API test page works fine.  It's getting the requests to work using Postman or SoapUI where I'm having problems.  I can create a Session using the PUT /api/v1/session request, but haven't been able to get any of the GET requests to work using the XSRF-TOKEN in the response.  It seems that the other cookies in the response are used also, but I haven't verified that.

------------------------------
Doug Williams

Original Message:
Sent: Fri January 15, 2021 04:12 AM
From: Adnan Sheeraz
Subject: REST API logon

Dear Doug, 

Have you tried this Swagger API Test Page after clearing the Cookies. Try it and then Restart the Cognos Server . hope it will work

------------------------------
Adnan Sheeraz

Original Message:
Sent: Thu January 14, 2021 10:23 AM
From: Doug Williams
Subject: REST API logon

Thanks, Reinier and Robert.

I was able to get the initial Session Put to work in SoapUI yesterday by adding the credential information as a JSON string instead of individual parameters.

Now I am not able to get any of the get requests to work.  I have taken XSRF-Token cookie returned from the Session Put into the header of a GET request, say for /api/v1/files.  When I submit that, I get an "Authorization Required" response.  When I look at the network activity when using the Swagger API Test Page, I see that there is also a Cookie parameter in the header that seems to contain all of the Set-Cookie information returned in the Session PUT response header.  So is that also required?

Doug

------------------------------
Doug Williams

Original Message:
Sent: Thu January 14, 2021 09:40 AM
From: Robert Hofstetter
Subject: REST API logon

Martin,

I wrote an article on how to log in and utilize the new REST APIs using Python. The example might help since you will ultimately wish to move from Postman into an actual scripting language.

https://www.linkedin.com/pulse/scripting-new-rest-api-ibm-cognos-analytics-robert-hofstetter/

------------------------------
Robert Hofstetter

Original Message:
Sent: Sat August 15, 2020 12:47 PM
From: Martin Braun
Subject: REST API logon

Hello,

I want to use the new REST API controllers to upload Excel and CSV files from a 3rd party application.
However, any attempt to log in to the Cognos system using the REST controller /api/session fails.
(I use the REST tool POSTMAN)

URL:
http://<bi server hostname>:9300/bi/api/session

Method:
PUT

Header:
accept = application/json
content-type = application/json

Body:
{
"parameters": [
{
"name": "CAMNamespace"
"value": "<LDAP ID>"
},
{
"name": "CAMUsername"
"value": "<username>"
},
{
"name": "CAMPassword."
"value": "<password>"
}
]
}

I always get a "403 forbidden" error
If I test the same parameters in swagger, this works.

does anyone have an idea or experience with the REST controllers?

Best regards

Martin Braun

------------------------------
Martin Braun
------------------------------

Hi Jira,

Thanks for the response and confirming I need the entire set of cookies in addition to the X-XSRF-TOKEN.  I was able to get it to work by constructing a new single cookie consisting of all of the ones returned from the Session PUT.  I also had to include the XSRF-TOKEN cooking in the whole cookie with the other ones, even though it is singled-out in its own header item, X-XSRF-TOKEN.

Doug

------------------------------
Doug Williams
------------------------------

Original Message:
Sent: Mon January 18, 2021 09:25 AM
From: Jiri Smrz
Subject: REST API logon

Hi Doug, 

when I worked with REST API I found out, that I have to pass whole cookies set which I received from PUT /api/v1/session. You also have to add new header X-XSRF-TOKEN with value of XSRF-TOKEN which you received from PUT statement.

Then the other requests to the CA REST API are working fine. When I used only X-XSRF-TOKEN itself (without reusing cookies set from put statement), then I received "Authorization Required." error message.

------------------------------
Jiri Smrz

Original Message:
Sent: Fri January 15, 2021 09:57 AM
From: Doug Williams
Subject: REST API logon

Hi Adnan,

The Swagger API test page works fine.  It's getting the requests to work using Postman or SoapUI where I'm having problems.  I can create a Session using the PUT /api/v1/session request, but haven't been able to get any of the GET requests to work using the XSRF-TOKEN in the response.  It seems that the other cookies in the response are used also, but I haven't verified that.

------------------------------
Doug Williams

Original Message:
Sent: Fri January 15, 2021 04:12 AM
From: Adnan Sheeraz
Subject: REST API logon

Dear Doug, 

Have you tried this Swagger API Test Page after clearing the Cookies. Try it and then Restart the Cognos Server . hope it will work

------------------------------
Adnan Sheeraz

Original Message:
Sent: Thu January 14, 2021 10:23 AM
From: Doug Williams
Subject: REST API logon

Thanks, Reinier and Robert.

I was able to get the initial Session Put to work in SoapUI yesterday by adding the credential information as a JSON string instead of individual parameters.

Now I am not able to get any of the get requests to work.  I have taken XSRF-Token cookie returned from the Session Put into the header of a GET request, say for /api/v1/files.  When I submit that, I get an "Authorization Required" response.  When I look at the network activity when using the Swagger API Test Page, I see that there is also a Cookie parameter in the header that seems to contain all of the Set-Cookie information returned in the Session PUT response header.  So is that also required?

Doug

------------------------------
Doug Williams

Original Message:
Sent: Thu January 14, 2021 09:40 AM
From: Robert Hofstetter
Subject: REST API logon

Martin,

I wrote an article on how to log in and utilize the new REST APIs using Python. The example might help since you will ultimately wish to move from Postman into an actual scripting language.

https://www.linkedin.com/pulse/scripting-new-rest-api-ibm-cognos-analytics-robert-hofstetter/

------------------------------
Robert Hofstetter

Original Message:
Sent: Sat August 15, 2020 12:47 PM
From: Martin Braun
Subject: REST API logon

Hello,

I want to use the new REST API controllers to upload Excel and CSV files from a 3rd party application.
However, any attempt to log in to the Cognos system using the REST controller /api/session fails.
(I use the REST tool POSTMAN)

URL:
http://<bi server hostname>:9300/bi/api/session

Method:
PUT

Header:
accept = application/json
content-type = application/json

Body:
{
"parameters": [
{
"name": "CAMNamespace"
"value": "<LDAP ID>"
},
{
"name": "CAMUsername"
"value": "<username>"
},
{
"name": "CAMPassword."
"value": "<password>"
}
]
}

I always get a "403 forbidden" error
If I test the same parameters in swagger, this works.

does anyone have an idea or experience with the REST controllers?

Best regards

Martin Braun

------------------------------
Martin Braun
------------------------------