Cognos Analytics

Cognos Analytics

Connect, learn, and share with thousands of IBM Cognos Analytics users!Β 

Β View Only

  • 1.  API Authentication - Forbidden

    Posted Thu January 19, 2023 10:11 AM
    I need to demonstrate Cognos Analytics API on a Jupyter Notebook.
    The documentation is very vague about the authentication method, it does not specify directly how to connect.

    In the following code snippet there are a few parameters I could not figure out
    - CAMUsername: is this my subscription ID, my registration email or else?
    - CAMPassword: is it a Cognos API key, or my password, or else?
    - With email and password the request feedback "forbidden"

    {
 "parameters": [
 {
 "name": "CAMNamespace",
 "value": "LDAP"
 },
 {
 "name": "CAMUsername",
 "value": "johnsmith"
 },
 {
 "name": "CAMPassword",
 "value": "mypassword"
 }
 ]
}


    Using a different system (see code below):
    - header may be wrong, I did not find alternatives other than "X-IBM-Client-ID"
    - instance_id is another vague term so I am using the basic link you see in the snippet
    - this operation returns status code: 200 but not a JSON.

    # Set the headers for the request
headers = {
 "X-IBM-Client-Id": api_key,
 "Content-Type": "application/json"
}

# Send a request to the root endpoint
response = requests.get("https://eu.ca.analytics.ibm.com/api/v1", headers=headers)

# Check the status code of the response
status_code = response.status_code
if status_code == 200:
 print("API connection successful")
else:
 print("API connection failed")​


    ------------------------------
    Andrea Paviglianiti
    ------------------------------


  • 2.  RE: API Authentication - Forbidden

    Posted Thu January 19, 2023 11:11 AM
    This is how I get roles info from the API, this is on a locally hosted server (11.1.7) so cannot advise if the same works on a cloud based environment. Username is the username you login with, same as password. The namespace can be found on the login screen (right after it says "Sign in with your"), or you can inspect the login request payload in developer tools after logging in to see what it passes (CAMNamespace). Make sure preserve log is checked before logging in.



    import requests
import json

credentials = {
    "parameters": [
    {
        "name": "CAMNamespace",
        "value": "xxxxxxxx"
    },
    {
        "name": "CAMUsername",
        "value": "xxxxxxxx"
    },
    {
        "name": "CAMPassword",
        "value": "xxxxxxxx"
    }
    ]
}

url = "http://server:port"

session = requests.Session()

try:
    login = session.put(url + "/api/v1/session", json=credentials)
except requests.exceptions.HTTPError as err:
    print(SystemExit(err))
  
all_cookies = session.cookies.get_dict()
xsrf_value = all_cookies["XSRF-TOKEN"]
xsrf_header = {"X-XSRF-Token": xsrf_value}

get_roles = session.get(url + "/api/v1/roles", headers=xsrf_header).json()

print(get_roles)​


    ------------------------------
    Ash
    ------------------------------

    Original Message


  • 3.  RE: API Authentication - Forbidden

    Posted Thu January 26, 2023 02:56 PM
    Hi Andrea,

     I assume you are using a standalone Jupyter environment, and Ash's response is a great answer (copying the XSRF token to the header as he described is key). However, for completeness I wanted to mention that if you use the integrated  IBM Cognos Analytics for Jupyter Notebook Server  Or IBM Watson Studio  as your Jupyter environment, you can connect/login to CA much easier (through the built in CADataConnector python/R class. Even better, the CADataConnector will allow you to work easily with data assets in CA.

    ------------------------------
    Jim Boland

    LinkedIn: https://www.linkedin.com/in/jimboland
    ------------------------------

    Original Message


  • 4.  RE: API Authentication - Forbidden

    Posted Wed January 03, 2024 05:15 AM

    Hi Jim !

    Any chance to use CADataConnector python/R packages in standalone Jupyter environments (other than CP4D or CA NB server) to access data assets in CA ?



    ------------------------------
    Thomas Strehl
    ------------------------------

    Original Message


  • 5.  RE: API Authentication - Forbidden

    Posted Wed January 03, 2024 07:20 AM
    Edited by Jim Boland Wed January 03, 2024 07:21 AM

    Hi Thomas,

    While the CADataConnector package works just fine in a stand-alone Jupyter environment, IBM has not publically released it as its own package. (It is only bundled, under the covers, in "IBM Cognos Analytics for Jupyter Notebook Server" and in "IBM Watson Studio". )



    ------------------------------
    Jim Boland

    LinkedIn: https://www.linkedin.com/in/jimboland
    Website: https://coreinsightz.com
    Email: jimboland@coreinsightz.com
    ------------------------------

    Original Message


  • 6.  RE: API Authentication - Forbidden

    Posted Thu January 04, 2024 05:43 AM
    Edited by Thomas Strehl Thu January 04, 2024 07:51 AM

    Hi Jim !

    You are talking about /usr/local/lib/python3.11/site-packages/ca_data_connector in the notebook container ?

    With authentication along https://developer.ibm.com/apis/catalog/cognosanalytics--cognos-analytics-rest-api/Getting%20Started and Ash's approach ?

    Or use CADataConnector.login(host, username=None, password=None, login_body=None) ?

    ------------------------------
    Thomas Strehl
    ------------------------------

    Original Message


  • 7.  RE: API Authentication - Forbidden

    Posted Thu January 04, 2024 09:38 PM
    Edited by Jim Boland Fri January 05, 2024 03:26 PM

    Hi Thomas,

    Yes - the ca_data_connector package you found in the CA notebook container is exactly what I'm talking about. ;-) 

    Almost - you want to use the CADataConnector.connect( ) method. It is overloaded to handle the various  environments (e.g. special cases for  CP4D, Watson Studio, IBM IBM Cognos Analytics for Jupyter Notebook Server, and the more general case you want to use.) I don't have access to an environment at the moment to look at it, but from memory I think it was something like this:

    CADataConnector.connect(
      {'url':'…' ,
        'namespace': '…',
        'user': '…' ,
        'password':'…' 
    });

    CADataConnector.connect(
      {'cognos_url':'…’ ,
        β€˜namespace’: β€˜β€¦β€™,
        β€˜username’: β€˜β€¦β€™ ,
        β€˜password’:’…’ 
    });

    where url is the URL for the CA gateway, namespace/username/password are the CA authentication credentials. ("user" may be "username" ... can't remember ;-)  )



    ------------------------------
    Jim Boland

    LinkedIn: https://www.linkedin.com/in/jimboland
    Website: https://coreinsightz.com
    Email: jimboland@coreinsightz.com
    ------------------------------

    Original Message


  • 8.  RE: API Authentication - Forbidden

    Posted Fri January 05, 2024 03:23 PM

    I was close 😎.

    The correct syntax is:

    CADataConnector.connect(
      {'cognos_url':'…' ,
        'namespace': '…',
        'username': '…' ,
        'password':'…' 
    });

    (I'll correct it in the previous post as well, so no one comes across the wrong syntax)



    ------------------------------
    Jim Boland

    LinkedIn: https://www.linkedin.com/in/jimboland
    Website: https://coreinsightz.com
    Email: jimboland@coreinsightz.com
    ------------------------------

    Original Message