AnsweredAssumed Answered

client_not_allowed trying to login on https://tryanywhere.gssd.hds.com

Question asked by Eduard Ruzga on Feb 2, 2017
Latest reply on Feb 5, 2017 by Eduard Ruzga

Hi, we are trying a test integration based on this doc REST API Resources

We have a trial account at https://tryanywhere.gssd.hds.com/

 

Trying to use curl as shown in docs to login we get the following results(I hidden real login and pass)

$ curl https://tryanywhere.gssd.hds.com/fss/public/login/oauth -iku "mylogin:mypass" -H "Content-Type: application/x-www-form-urlencoded" -H "Accept: application/json"  -H "X-HCPAW-FSS-API-VERSION: 2.1.1" -d 'grant_type=urn:hds:oauth:negotiate-client'

 

Response:

HTTP/1.1 403 Forbidden

Strict-Transport-Security: max-age=31536000; includeSubDomains

X-Content-Type-Options: nosniff

X-XSS-Protection: 1; mode=block

X-Frame-Options: SAMEORIGIN

Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline'

X-Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline'

X-HCPAW-SUPPORTED-FSS-API-VERSIONS: 2.1.1

X-HCPAW-FSS-API-VERSION: 2.1.1

X-HCPAW-System-Id: 08c3cc44-e3eb-4197-be04-8e1d07aa5701

WWW-Authenticate: Negotiate

Content-Type: application/json;charset=UTF-8

Content-Length: 30

Date: Thu, 02 Feb 2017 08:38:31 GMT

Server: hcpaw

 

{"error":"client_not_allowed"}

 

 

$ curl -kiX POST https://tryanywhere.gssd.hds.com/fss/public/login/oauth -H "X-HCPAW-FSS-API-VERSION: 2.1.1" -H "Accept: application/json" -H "Content-Type: application/json" -d '{"username": "login", "password": "pass", "grant_type": "urn:hds:oauth:negotiate-client"}'

 

Response:

HTTP/1.1 403 Forbidden

Strict-Transport-Security: max-age=31536000; includeSubDomains

X-Content-Type-Options: nosniff

X-XSS-Protection: 1; mode=block

X-Frame-Options: SAMEORIGIN

Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline'

X-Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline'

X-HCPAW-SUPPORTED-FSS-API-VERSIONS: 2.1.1

X-HCPAW-FSS-API-VERSION: 2.1.1

X-HCPAW-System-Id: 08c3cc44-e3eb-4197-be04-8e1d07aa5701

WWW-Authenticate: Negotiate

Content-Type: application/json;charset=UTF-8

Content-Length: 30

Date: Thu, 02 Feb 2017 09:06:57 GMT

Server: hcpaw

 

{"error":"client_not_allowed"}


What are we doing wrong? Wrong URL, should API enabled somehow for trial account, or is there something lese?

Outcomes