Getting 401 Unauthorized error when trying to get user details using management API call as a system admin


I have written an API (let's call it API-1) which will call an internal API (let's call it API-2) in an iterative manner to get the user details. (The number of user details depends on the count I specify while making the call using API-1.)

Here the internal API (API-2) will make a management API call to get the details of a specific user using system admin credentials.

Flow:

API-1(User details API - Iterative Call) --> API-2(Internal API - Single Call) --> Management API Call

For authentication purposes we are using an external IDP along with LDAP.

I see that some of the calls made by API-2 to the Management API are successful and some of them are failing. I find it difficult to understand why only some calls are failing with a 401 Unauthorized issue, and I couldn't even find a pattern.

For example, when I am expecting the first 20 user details, API-1 will make 20 iterative calls to API-2 to get the user details. Sometimes API-2 responds with success for all 20 calls, and sometimes it fails with a 401 Unauthorized error even though there is no change in the input data/headers.


Hi @Gella Sonia, we need some more details to provide an effective answer:

  1. Did you use any programming language (Java, Node.js, .NET...) to write API-1?
  2. Are you using Apigee Edge to create/proxy this API-1?
  3. If you are using Apigee Edge,
    1. then how are you making an internal call to API-2? Is it through a Service Callout policy or something else?
    2. did you check the Trace session?
    3. how is authentication handled? Is it done on Apigee or on API-2?


Hi Siddharth Barahalikar,

1) I am using a JavaScript policy in API-1 and using http.send() to call API-2.

2) Both API-1 and API-2 are proxies that are created in Apigee.

3) 1. As I said, I am using http.send in JavaScript to call API-2.

2. Yes, I verified. API-2 is failing for some calls with 401 Unauthorized (many times it responds with success).

To add some more information, in API-2 I am making a management API call using a Service Callout policy.

Here is the link for the management API for getting user details:

https://apidocs.apigee.com/management/apis/get/users/%7Buser_email%7D

This Management API expects an Authorization header, where I tried with system admin and org admin credentials.

And my question is: why are some calls responding with success and some failing when I am sending the same Authorization header/input payload?

Thanks for the info. It is not recommended to use Management APIs from within API Proxies, maybe that is the issue. Let me check once & let you know a possible solution.

In the meantime, to get some user/developer details we can make use of Access Entity Policy to get all developer info.

https://docs.apigee.com/api-platform/reference/policies/access-entity-policy

Hi Siddharth

As per my understanding, Management API call with a wrapper API Proxy is recommended.

And I am trying to access API Developer (user) details, not App developer details.