So we are currently in the organization in a stage which we are testing multiple BI tools. Part of the test is creating some automated report of the tables associated with a table, and the policies attached to them.

So I was successfully authenticated using the API-KEY and followed the documentation and the swagger API, but even when authenticated, I am not allowed to use the /metadata endpoint:

I am trying to authenticate using the API KEY:

curl -i -X 'PUT' \

  'https://eu2.ca.analytics.ibm.com/api/v1/session' \

  -H 'accept: application/json' \

  -H 'Content-Type: application/json' \

  -c cookies.txt \

  -d '{

  "parameters": [

    {

      "name": "CAMAPILoginKey",

      "value": "AWlDQjlBQjU3N0M0MzY0RThBQTdCMTF................."

    }

  ]

}'

{"generation":3,"shareable":false,"isAnonymous":false,"cafContextId":"CAFW000000dcQ0FGQThjMDAwMDAwMDlBaFFBQUFETVRXQUYqTEZPWWYzQ0xWeG1WMzRCYWtMRW1BY0FBQUJUU0VFdE5URXlRQUFBQUVyM0dqN1FlMGJ3ZFhNNXNQMTFlcjRtSXFqOE0qU3VuRmN6Rk1SR1kxVFkyTkM1aU83TG1YMERNT0F5WmlNR0hmQWFBZEZSSjhDMDN5YlZqbmZiY0g4XzQ3ODA3MHxycw__","logEnabled":false,"canCallLogon":false,"url":"\/api\/v1"}%

which worked for creating the session, but when doing:

> curl -X 'GET' -b cookies.txt \

  -H "accept: application/json" \

  https://eu2.ca.analytics.ibm.com/api/v1/modules

Forbidden%

I get forbidden error

------------------------------
Mike Joseph
------------------------------

1.Check that API_KEY belongs to an account which has access to the Data modules.

2. Try calling REST API endpoint from swagger ( you should see  similar curl statement). I assume, you are not following the REST API conversation rules

curl -X 'GET' \  '<URI>/api/v1/modules' \  -H 'accept: application/json' \  -H 'X-XSRF-Token: sHTNyA2NhLPj7H9aJLY6a5VOlThz_nIV' \  -H 'Cache-Control: no-cache'

------------------------------
Andrei Istomine

Original Message:
Sent: Mon July 15, 2024 10:44 AM
From: Mike Joseph
Subject: Unable to fetch metadata using /metadata endpoint with API-KEY authentication

So we are currently in the organization in a stage which we are testing multiple BI tools. Part of the test is creating some automated report of the tables associated with a table, and the policies attached to them.

So I was successfully authenticated using the API-KEY and followed the documentation and the swagger API, but even when authenticated, I am not allowed to use the /metadata endpoint:

I am trying to authenticate using the API KEY:

curl -i -X 'PUT' \

  'https://eu2.ca.analytics.ibm.com/api/v1/session' \

  -H 'accept: application/json' \

  -H 'Content-Type: application/json' \

  -c cookies.txt \

  -d '{

  "parameters": [

    {

      "name": "CAMAPILoginKey",

      "value": "AWlDQjlBQjU3N0M0MzY0RThBQTdCMTF................."

    }

  ]

}'

{"generation":3,"shareable":false,"isAnonymous":false,"cafContextId":"CAFW000000dcQ0FGQThjMDAwMDAwMDlBaFFBQUFETVRXQUYqTEZPWWYzQ0xWeG1WMzRCYWtMRW1BY0FBQUJUU0VFdE5URXlRQUFBQUVyM0dqN1FlMGJ3ZFhNNXNQMTFlcjRtSXFqOE0qU3VuRmN6Rk1SR1kxVFkyTkM1aU83TG1YMERNT0F5WmlNR0hmQWFBZEZSSjhDMDN5YlZqbmZiY0g4XzQ3ODA3MHxycw__","logEnabled":false,"canCallLogon":false,"url":"\/api\/v1"}%

which worked for creating the session, but when doing:

> curl -X 'GET' -b cookies.txt \

  -H "accept: application/json" \

  https://eu2.ca.analytics.ibm.com/api/v1/modules

Forbidden%

I get forbidden error

------------------------------
Mike Joseph
------------------------------

1.Check that API_KEY belongs to an account which has access to the Data modules.

2. Try calling REST API endpoint from swagger ( you should see  similar curl statement). I assume, you are not following the REST API conversation rules

curl -X 'GET' \  '<URI>/api/v1/modules' \  -H 'accept: application/json' \  -H 'X-XSRF-Token: sHTNyA2NhLPj7H9aJLY6a5VOlThz_nIV' \  -H 'Cache-Control: no-cache'

------------------------------
Andrei Istomine

Original Message:
Sent: Mon July 15, 2024 10:44 AM
From: Mike Joseph
Subject: Unable to fetch metadata using /metadata endpoint with API-KEY authentication

So we are currently in the organization in a stage which we are testing multiple BI tools. Part of the test is creating some automated report of the tables associated with a table, and the policies attached to them.

So I was successfully authenticated using the API-KEY and followed the documentation and the swagger API, but even when authenticated, I am not allowed to use the /metadata endpoint:

I am trying to authenticate using the API KEY:

curl -i -X 'PUT' \

  'https://eu2.ca.analytics.ibm.com/api/v1/session' \

  -H 'accept: application/json' \

  -H 'Content-Type: application/json' \

  -c cookies.txt \

  -d '{

  "parameters": [

    {

      "name": "CAMAPILoginKey",

      "value": "AWlDQjlBQjU3N0M0MzY0RThBQTdCMTF................."

    }

  ]

}'

{"generation":3,"shareable":false,"isAnonymous":false,"cafContextId":"CAFW000000dcQ0FGQThjMDAwMDAwMDlBaFFBQUFETVRXQUYqTEZPWWYzQ0xWeG1WMzRCYWtMRW1BY0FBQUJUU0VFdE5URXlRQUFBQUVyM0dqN1FlMGJ3ZFhNNXNQMTFlcjRtSXFqOE0qU3VuRmN6Rk1SR1kxVFkyTkM1aU83TG1YMERNT0F5WmlNR0hmQWFBZEZSSjhDMDN5YlZqbmZiY0g4XzQ3ODA3MHxycw__","logEnabled":false,"canCallLogon":false,"url":"\/api\/v1"}%

which worked for creating the session, but when doing:

> curl -X 'GET' -b cookies.txt \

  -H "accept: application/json" \

  https://eu2.ca.analytics.ibm.com/api/v1/modules

Forbidden%

I get forbidden error

------------------------------
Mike Joseph
------------------------------

look here for example:

> curl -i -X 'PUT' \
  'https://eu2.ca.analytics.ibm.com/api/v1/session' \
  -H 'accept: application/json' \
  -H 'Content-Type: application/json' \
  -c cookies.txt \
  -d '{
  "parameters": [
    {
      "name": "CAMAPILoginKey",
      "value": "AWlDQjlBQjU3N0M0MzY0RThBQTdCMT.............."
    }
  ]
}'
HTTP/2 201
date: Sun, 21 Jul 2024 12:03:30 GMT
content-type: application/json
content-length: 362
cache-control: no-cache
content-language: en-US
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: userCapabilitiesEx=fc2f9ffc%3B0%3B114e021%3B7c1aad%3B280684f8%26AhQAAADMTWAF%2BLFOYf3CLVxmV34BakLEmAcAAABTSEEtNTEyQAAAAPeWaZgsBV1mGR0fRAfPQEuMqDzMEgJaQ%2FfhOoSJKD43KduXvLGf9kdJ60fTR4gwQPF%2FgVZPW3NRbYjFZKy8N5k%3D; Path=/api/v1; Secure; SameSite=None
set-cookie: userCapabilities=114e021%3B7c1aad%3B280684f8%26AwcAAABTSEEtNTEyFAAAAMxNYAX4sU5h%2FcItXGZXfgFqQsSYTlHKMY50IbKQXAeZPLZ5ssgTpHlJW6W4V6VPKa%2BS4dKF7YPvnGHTHWHXikWFtwA8%2BSsNg3V%2F%2BvC%2F1%2BCTwQRLWg%3D%3D; Path=/api/v1; Secure; SameSite=None
set-cookie: cam_passport=MTsxMDE6MGUyY2Q1YTUtMzZkNy1jNTNkLTlkOGItMzIzZGZmOGZkYzhiOjA0MjMwODgxNjc7MDszOzA7; Path=/api; Secure; HttpOnly; SameSite=None
set-cookie: usersessionid=AggAAACSM6ZmAAAAAAoAAAAjlTBcx/q3uuYpFAAAAMxNYAX4sU5h/cItXGZXfgFqQsSYBwAAAFNIQS01MTJAAAAAOhQGGJXbhaOBXqw+4+zT3lrZTud6X4dHa8Gn8iIvNZHI82x/TNNYRP81lPWRa5j6+JkjAFWcUhVPSowmJUiy+A==; Path=/api; Secure; SameSite=None
set-cookie: cea-ssa=false; Path=/api/v1; Secure; SameSite=None
set-cookie: CRN=http%3A%2F%2Fdeveloper.cognos.com%2Fceba%2Fconstants%2FsystemOptionEnum%23accessibilityFeatures%3Dfalse%26backgroundSessionLogging%3D1970-01-01%2B00%253A00%253A00%26http%3A%2F%2Fdeveloper.cognos.com%2Fceba%2Fconstants%2FbiDirectionalOptionEnum%23biDirectionalFeaturesEnabled%3Dfalse%26listViewSeparator%3Dnone%26linesPerPage%3D15%26showOptionSummary%3Dtrue%26showHiddenObjects%3Dfalse%26contentLocale%3Den%26timeZoneID%3DAmerica%252FChicago%26showWelcomePage%3Dtrue%26productLocale%3Den%26format%3DHTML%26isToolbarDocked%3Dtrue%26skin%3Dcorporate%26showHints%3DhideAll%26displayMode%3Dlist%26columnsPerPage%3D3%26automaticPageRefresh%3D30%26; Path=/api/v1; Secure; SameSite=None
set-cookie: up=H4sIAAAAAAAAAG1SYW/TMBD9K1U+gTQgHSts/US1ji4oTtYuXdQKabKda+LG9lWOw5qg/fddxhgIIZ1k3Xv2u3d3/hl4ZWCLFqJ5MA1mBpyS/PuHy4qOEoOTYIfOcE/cdcZiyptaWcou0R3QcQ8EqSZD1IK7OcoaimDqXQsngeCyLh22triFplFoYyxLZUt6Pb74HL4LxxSjMJw+xyBd4cO1sr6hG5UqYKY1oW0DLuEGCDSqhv2XH6DRq+N7roj13WFguJRUyBNQoYEbXg4gZYQPtYXSyndfgfvWAcnvuG5gMD6zaDuD7R/s4LBopY9Rcj2IgH11VhRgU7EH6f+SoHaD48boOrXrT2yxfNjkbMIWG7/NV/VWhWGSr3ScX3Wsn/mkj87YYn3K9olK87s6zlb79Jm7q+Ks7Df92ieLqGe34STJl+M4j7qNiY5bw87SOZsky/t7siONuUHnuf7VpFBz5cgVjZjr301eWS70sIwXowXseKv9yyQZTXL0DRs4VKM34lSI8U6en3+8mLwd5NF6sP+MAAxX+v87ELyBDI7+1cXwk1qPweMTZdPluF8CAAA=; Path=/api; Secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains
x-ca-affinity: 3939250292
x-ca-transaction: 9h2C9jsG8yj4C82wldjhh2qqqj8q8y2d8h2hswGj
x-robots-tag: noindex
x-ca-requesttime: path=session; start=1721563409907; end=1721563410591; elapsed=684
x-content-type-options: nosniff
content-security-policy: default-src 'self' blob: data:; script-src https://eu2.ca.analytics.ibm.com * 'unsafe-inline' 'unsafe-eval'; style-src data: blob: https://eu2.ca.analytics.ibm.com * 'unsafe-inline'; font-src data: https://eu2.ca.analytics.ibm.com *; img-src data: blob: https://eu2.ca.analytics.ibm.com *; connect-src data: blob: https://eu2.ca.analytics.ibm.com *; worker-src data: blob: https://eu2.ca.analytics.ibm.com *; frame-src https://eu2.ca.analytics.ibm.com * blob: mailto: https://eu2.ca.analytics.ibm.com/* ; object-src data: blob: https://eu2.ca.analytics.ibm.com  * ;media-src data: blob: https://eu2.ca.analytics.ibm.com *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8a6b0c4f4c5b11b8-MRS

{"generation":3,"shareable":false,"isAnonymous":false,"cafContextId":"CAFW000000dcQ0FGQThjMDAwMDAwMDlBaFFBQUFETVRXQUYqTEZPWWYzQ0xWeG1WMzRCYWtMRW1BY0FBQUJUU0VFdE5URXlRQUFBQU9hSE9PdmhBQVBPYkVnKkppaWJ6V0E4Tmt0Si03b0JTTnpkYjhpUk1yY1pydVYxSDJ0aWo0dVRmRVpjSEU3OTdFUGo3SnlIMjAzd2JtazJ4Slp6dXpFXzQ3ODIxMnxycw__","logEnabled":false,"canCallLogon":false,"url":"\/api\/v1"}%



if it works to you can you please share an example? and not just a copy from the doc's as I read through eveything...

------------------------------
Mike Joseph

Original Message:
Sent: Thu July 18, 2024 03:32 PM
From: Andrei Istomine
Subject: Unable to fetch metadata using /metadata endpoint with API-KEY authentication

1.Check that API_KEY belongs to an account which has access to the Data modules.

2. Try calling REST API endpoint from swagger ( you should see  similar curl statement). I assume, you are not following the REST API conversation rules

curl -X 'GET' \  '<URI>/api/v1/modules' \  -H 'accept: application/json' \  -H 'X-XSRF-Token: sHTNyA2NhLPj7H9aJLY6a5VOlThz_nIV' \  -H 'Cache-Control: no-cache'

------------------------------
Andrei Istomine

Original Message:
Sent: Mon July 15, 2024 10:44 AM
From: Mike Joseph
Subject: Unable to fetch metadata using /metadata endpoint with API-KEY authentication

So we are currently in the organization in a stage which we are testing multiple BI tools. Part of the test is creating some automated report of the tables associated with a table, and the policies attached to them.

So I was successfully authenticated using the API-KEY and followed the documentation and the swagger API, but even when authenticated, I am not allowed to use the /metadata endpoint:

I am trying to authenticate using the API KEY:

curl -i -X 'PUT' \

  'https://eu2.ca.analytics.ibm.com/api/v1/session' \

  -H 'accept: application/json' \

  -H 'Content-Type: application/json' \

  -c cookies.txt \

  -d '{

  "parameters": [

    {

      "name": "CAMAPILoginKey",

      "value": "AWlDQjlBQjU3N0M0MzY0RThBQTdCMTF................."

    }

  ]

}'

{"generation":3,"shareable":false,"isAnonymous":false,"cafContextId":"CAFW000000dcQ0FGQThjMDAwMDAwMDlBaFFBQUFETVRXQUYqTEZPWWYzQ0xWeG1WMzRCYWtMRW1BY0FBQUJUU0VFdE5URXlRQUFBQUVyM0dqN1FlMGJ3ZFhNNXNQMTFlcjRtSXFqOE0qU3VuRmN6Rk1SR1kxVFkyTkM1aU83TG1YMERNT0F5WmlNR0hmQWFBZEZSSjhDMDN5YlZqbmZiY0g4XzQ3ODA3MHxycw__","logEnabled":false,"canCallLogon":false,"url":"\/api\/v1"}%

which worked for creating the session, but when doing:

> curl -X 'GET' -b cookies.txt \

  -H "accept: application/json" \

  https://eu2.ca.analytics.ibm.com/api/v1/modules

Forbidden%

I get forbidden error

------------------------------
Mike Joseph
------------------------------