*Cumulosity hosted we service with version 1018.0.229 used *
*Detailed explanation of the problem: Currently i am doing a proof of concept to evaluate the token based use of the cumulosity api (no base auth any longer). this does not seem to work. I was searching for a detailed documentation to tackle this topic but was not succesful with finding anything. *
*Error messages / full error message screenshot / log file:
“message”: “Full authentication is required to access this resource”,
“error”: “security/Unauthorized”,
“info”: “ttps://www.cumulosity.com/guides/reference/rest-implementation//#a-name-error-reporting-a-error-reporting”
*
Question related to a free trial, or to a production (customer) instance?
how does your API Call look like? Is this about the platforms OAI Authentication method - or the new 10.18 functionality to use an access token from a connected authorization server?
If you have your Token and you’re using the Authorization header, make sure your header is in the format: Authorization: Bearer <your token here> . The "Bearer " prefix is important, I’ve seen this error-message before when not stating it.
i try t use the new 10.18 Functionality. So what i try is to use the api without the basic auth. The SSO is allready activated and running at our environment.
Even with the changed format it is not working. Shoudnt it work even simply im the browser if the browser contains the auth token as cockie ?
I’ve connected a Keycloak Server to a 10.18.0.229 Tenant and it worked for me - I was able to login and also to use keycloaks access tokens for Cumulocity API Calls. That indicates it’s not a general problem, probably more a misconfiguration somewhere.
How is the situation in your tenant? Which authorization server did you connect (Azure AD, Auth0, Keycloak, Okta, something different)? Does the SSO login work via UI? Does the login work via UI and it’s “only” the newly introduced functionality - to do API requests with the access token of your authorization server - that doesn’t work for you?