When using Oauth2.0, one of the errors observed is:
{"fault":{"faultstring":"Invalid API call as no apiproduct match found","detail":{"errorcode":"keymanagement.service.InvalidAPICallAsNoApiProductMatchFound"}}}
I would like to explain here a few possible causes for this error with the help of an example.
Example
Let's say we have the Environment, API Proxies, Products, Developer Apps and Developer setup in an org “sample” as shown below:
Environments
test
prod
API Proxies
API_One deployed in prod and test environments
API_Two deployed in prod and test environments
Products
Product_One associated with API_One. Product_One is enabled for test environment only.
Product_Two associated with API_Two. Product_Two is enabled for prod environment only.
DeveloperApps
App_One associated with Product_One
App_Two associated with Product_Two
Developers
Dev_One associated with App_One
Dev_Two associated with App_Two
With this setup, we can get the "Invalid API call as no apiproduct match found" error with the following scenarios listed below:
Scenario 1
In this scenario, we are using the access token generated for App_Two that is linked with Product_Two /API_Two to run the API call for API_One. This is a clear mismatch.
Scenario 2
In this scenario, we are using the access token generated for App_One in prod environment. However, the App_One is associated with Product_One, which is enabled only for test environment for the APIProxy “API_One”. This is a clear mismatch.
In summary, here are a few possible causes for the error “Invalid API call as no apiproduct match found" when using OAuth2.0
Solution
To avoid the error“Invalid API call as no apiproduct match found", we need to
In the example quoted above, we should do the following to avoid the error“Invalid API call as no apiproduct match found"
This same error will also be seen in cases where the API Product approval type is set to 'Manual' and the Product has not been approved in the App yet.
So Basically :
1. Create Proxy, secure it with OAuth2.0 VerifyAccessToken
2. Create Product, add the proxy to generate token and the api proxy to be secured (created in 1). Set the approval as 'Manual'
3. Create App, add above product to app.
4. Generate Token.
5. Send request to protected API Proxy with token genrated in (4).
6. Get 'InvalidAPICallAsNoApiProductMatchFound'
7. Go to App->Edit->Approve the product->Save
8. Send request to protected API Proxy with token genrated in (4)
9. Watch in satisfaction/frustration/relief as OAuth token verification is successful