Solved: Service Call out payload and it's response

Report Inappropriate Content · 02-15-2018 12:00 PM

Hi,

I am hitting directly (by set the target- simply- by passing Header and body parameters through postman))to a back end API and received successful response..

Now, Use the Service Call out policy hitting the same

URI (above back end target0 and also I created the json payload in same Service Callout, I am getting - 401 - UnAuthorize error.

So, query is when hitting as target , receiving the response but when accessing the same target through Service Callout, given 401 - Unuthorize error.

The target back end API is public , so easily access by anyone from any where. I am retrieving variable from the APigee environment using key Value policy and setting in Service Callout Json payload and Headers.

Service Callout policy below -

<ServiceCallout name="SC-DvlaToken">
  <DisplayName>SC-DvlaToken</DisplayName>
  <Properties/>
  <Request>
    <Set>
      <Headers>
        <!-- Retrieve the value for Header from the KVM. This is require to get the Access Token. -->
        <Header name="Content-Type">{Content-Type}</Header>
        <Header name="x-api-key">{x-api-key}</Header>
      </Headers>
      <Verb>POST</Verb>
      <!-- Retrieve the values for the body parameter from the KVM -->
      <Payload contentType="application/json" variablePrefix="@" variableSuffix="#">
        {
        "userName": "@userName#",
        "password": "@password#" 
        }
      </Payload>
    </Set>
    <IgnoreUnresolvedVariables>false</IgnoreUnresolvedVariables>
  </Request>
  <Response>calloutResponse</Response>
  <HTTPTargetConnection>
    <Properties/>
    <URL>http://test-api.common.beta.dvla.gov.uk/thirdparty-access/v1/authenticate</URL>
  </HTTPTargetConnection>
</ServiceCallout>

DChiesa

Hi Rajeev -

I just tried invoking that URL from my machine and it responds with a 301 "Moved Permanently". Can you change the URL element from http to https and see if that helps?

Are you using the same (insecure) http URL in the Target? I'm not sure if ServiceCallout differs from an HTTP Target in its handling of 301 and 302. I'd be surprised if that was the case, but I guess it's possible. But regardless, it seems like the way to avoid the problem is to just use the https. When I invoke the https endpoint I get a proper JSON 403 response. (Obviously I don't have credentials)

View solution in original post

robert

Hi @rajeevchaturvedi ,

Are you certain those variables are populated prior to calling the service? Please run the trace tool and confirm by reviewing the service callout step. Also, have you tried hardcoding the values (headers and form params) in the callout policy just to confirm it works without variables? When I’ve reviewed proxies from other developers who were having issues, many times it is just not reading the same variables or the variables were never populated. Can you please check and report back?

If this post answers your question, please click accept

Report Inappropriate Content

Hi Robert,

Thanks for your valuable comments.

I am retrieving the variables (Headers & Body fields) from the Apigee Environment (Key - value) and checked in Trace tool , all are populated successfully in KeyValue Apigee policy

I have checked all variables in Trace tool and all are populated and show the values in Trace tool.

I have also tried with hard coded value - instead of fetching from the variable, but still it is not working.

The strange thing is -

when hitting the Service Callout URI as a Target of simple Apigee Proxy, it is returning successful response.

DChiesa

one tip unrelated to your question. You don't need the variablehprefix and variableSuffix , not since 2015. You can do it like this:

<Payload contentType="application/json">{
  "userName": "{userName}",
  "password": "{password}"
}
</Payload>

I find this to be easier on the eyes.

DChiesa

you have a comment in the policy config that says:

<!-- Retrieve the value for Header from the KVM. This is require to get the Access Token. -->

Have you done that? Can you show the KVM-GET policy? Are you sure it is working correctly?

DChiesa

Hi Rajeev -

I just tried invoking that URL from my machine and it responds with a 301 "Moved Permanently". Can you change the URL element from http to https and see if that helps?

Are you using the same (insecure) http URL in the Target? I'm not sure if ServiceCallout differs from an HTTP Target in its handling of 301 and 302. I'd be surprised if that was the case, but I guess it's possible. But regardless, it seems like the way to avoid the problem is to just use the https. When I invoke the https endpoint I get a proper JSON 403 response. (Obviously I don't have credentials)

Report Inappropriate Content

Great Dino !!!!!!

You have resolved the issue. It is minor issue - as you suggested I was using - http in my Service Callout Policy and which I got from my back end team BUT as soon as I changed Service Callout URL to "https", it's given response successfully.

I already raised ticket with Apigee but they are pointing me to Back end error.

Anyway, thank you very much Dino and Robert for your support.

Thanks

Raj

Report Inappropriate Content

Thanks you very much Dino & Robert for your help