Cannot get any successful API queries after a successful authentication

EDIT: Solved - code appended below to work correctly. It was related to cookies not being passed along.

I am trying to pull priarily help desk data out of the K1000, but also device inventory information. I've written a Powershell script that successfully authenticates, retrieves a CSRF token, and updates my subsequent request headers with that token value, but i still get a 'HTTP 401 access denied' when I try any actual API query. 

I have tried setting 'x-dell-api-version' from values of 1-7 with no success.

Here is the powershell code I have:

$body = @{
'password' = "MYPASSWORD"
'userName' = "admin"
'organizationName' = 'Default'

} | ConvertTo-Json

$Uri = 'https://MYKBOX/ams/shared/api/security/login'

$session = new-object microsoft.powershell.commands.webrequestsession

$headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]"

$Request = Invoke-WebRequest -Uri $Uri -Headers $headers -Body $body -Method Post -WebSession $session

$CSRFToken = $request.Headers.'x-dell-csrf-token'

$APIUrl = 'https://MYKBOX/api/scripting/'

$rifle = Invoke-RestMethod -Uri $apiurl -Headers $headers -Method GET -WebSession $session

4 Comments   [ + ] Show comments
  • I have been using Postman to test my API queries and this request works for me. Are you actually using the admin user for your requests, or did you just put it there for this post? I have found that I need to login with my LDAP username and password for the API to work properly (but maybe you aren't using LDAP authentication).
    Can you load /api/inventory/machines ? - chucksteel 6 years ago
    • I did sanitize this particular password for the purposes of putting it online. I have tried using both the built-in administrator and an ldap user with full admin rights and got the same reply. Is there something in the case box I need to enable to begin running API queries successfully? - isudothings 6 years ago
    • Hi Chuck, Would you be able to post a thread that shows how you run these API's on postman? I'm really interested in learning and I don't know where to start. I do have postman downloaded. - sam240 5 years ago
  • I'm not sure how PowerShell handles requests, but in my authentication request I have commas separating the fields:
    "password" : "{{password}}",
    "userName" : "{{userName}}",
    "organizationName" : "Default"

    Have you tried outputting the x-dell-csrf-token header after authentication to verify that it was returned correctly? - chucksteel 6 years ago
    • I have yes- Powershell actually converts the hashtable to JSON format with the ConvertTo-Json cmdlet, and i did verify it returns the correct format in the $body variable. - isudothings 6 years ago
    • So I figured it out. It was related to cookies. I needed to instantiate a new websession in my initial request and invoke that same session on subsequent requests.

      Essentially I added

      $session = new-object microsoft.powershell.commands.webrequestsession

      to my initial API authentication $request and added the -WebSession $session to it, then later on in my API call, i reused it with -WebSession $session again in the invoke-restmethod.

      So essentially it was how the API needed to keep the cookies across both requests.

      Thanks!! - isudothings 6 years ago
  • Can this tigger scripted installs? - jgarcia29 6 years ago
    • If you mean a managed install, no, the API doesn't include the option to manually trigger a managed install. - chucksteel 6 years ago
  • I had a similar issue happening. Everything worked in Postman but in PHP it failed. Turns out it was cookies, 3 of them. However now I'm trying to get it working in Microsoft Flow and I'm close, just having issues parsing the cookies in the header. - GregThompson 6 years ago
    • Microsoft confirmed FLOW and COOKIES don't mix at this time... - GregThompson 5 years ago

Answers (0)

Be the first to answer this question

This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ