Cant login Client Org user via REST API
Completed
YF Distributor South Africa
22 months ago
Hi There,
We using v9.7.1.1 b20220406
We are busy with integration for a new prospect we are trying to login a user via the REST API that exists in a Client Org.
We cannot seem to create a SSO token for a user that only exists in a Client Org.
Only works if the user exists in the Default Org aswell. (which should not be the case)
I've attached some sample code in order to replicate the error aswell as the yellowfin log see around 2022-06-13 11:48
These are the errors i get in the logs
Relationship to primary org exists, but not STAFFMEMBER: MEMBER
User does not have permission to create an SSO login
Regards,
Stephen
Hi Stephen,
Is the user able to log in using the regular REST calls?
David
Hi Stephen,
Is the user able to log in using the regular REST calls?
David
Hi David,
What do you mean by regular rest calls?
Regards,
Stephen
Hi David,
What do you mean by regular rest calls?
Regards,
Stephen
Hi there,
I've done some more testing, the error is coming from the Js API v3.
The REST API call is successfully and I do get a session ID back, when using the session id to retrieve a report using the Js API, produces an error.
I can use the same session to login via the Web UI, so it relates only to the Js API.
FYI ... When the report user exists in both the default Org and the Client Org the Js API call is successful. How do I get it to work for report users that only exist in a Client Org?
Regards,
Stephen
Hi there,
I've done some more testing, the error is coming from the Js API v3.
The REST API call is successfully and I do get a session ID back, when using the session id to retrieve a report using the Js API, produces an error.
I can use the same session to login via the Web UI, so it relates only to the Js API.
FYI ... When the report user exists in both the default Org and the Client Org the Js API call is successful. How do I get it to work for report users that only exist in a Client Org?
Regards,
Stephen
Hi Stephen,
Sorry. By regular REST calls I mean logging in with regular REST API calls, not through the /rpc SSO process. I tested with a user that was not in the default org but was in the Client org and that logged in just fine. I'm not as familiar with the SSO login API, and I'm having problems getting it to work for me in general. I'm going to continue testing and try and get it working.
Regards,
David
Hi Stephen,
Sorry. By regular REST calls I mean logging in with regular REST API calls, not through the /rpc SSO process. I tested with a user that was not in the default org but was in the Client org and that logged in just fine. I'm not as familiar with the SSO login API, and I'm having problems getting it to work for me in general. I'm going to continue testing and try and get it working.
Regards,
David
Hi David,
I get exactly the same results using the non-rpc REST calls.
Also see my previous comments on the addition information provided.
Please can we have this escalated as it is very important that we get this working.
Regards,
Stephen
Hi David,
I get exactly the same results using the non-rpc REST calls.
Also see my previous comments on the addition information provided.
Please can we have this escalated as it is very important that we get this working.
Regards,
Stephen
Hi Stephen,
I'll get some additional resources looking into this.
Hi Stephen,
I'll get some additional resources looking into this.
Hi Stephen,
I have raised this to the next level. We will keep you posted with updates as we have them.
David
Hi Stephen,
I have raised this to the next level. We will keep you posted with updates as we have them.
David
Hi Stephen,
I have been able to get this to work on my local system.
Two things that need to be modified in your example HTML:
1. The credentials in the example HTML seem to be back to front.. User and Admin credentials are swapped.
2. Also, you need to add a clientOrg parameter to the JsAPI URL. (This shouldn't really be required if the session is already attached to a clientOrg, so we will look at fixing this... but this will get it working now. )
Thanks,
Peter
Hi Stephen,
I have been able to get this to work on my local system.
Two things that need to be modified in your example HTML:
1. The credentials in the example HTML seem to be back to front.. User and Admin credentials are swapped.
2. Also, you need to add a clientOrg parameter to the JsAPI URL. (This shouldn't really be required if the session is already attached to a clientOrg, so we will look at fixing this... but this will get it working now. )
Thanks,
Peter
Hi Stephen,
JsAPI supports having token and clientOrg reference passed in as URL parameters because it can be used as a one-liner to embed content into page, but I believe that the official way of authenticating Yellowfin JsAPI is to use the newSession method that accepts a token and an org reference as parameters. I've attached an example to this comment.
Regards,Mike
Hi Stephen,
JsAPI supports having token and clientOrg reference passed in as URL parameters because it can be used as a one-liner to embed content into page, but I believe that the official way of authenticating Yellowfin JsAPI is to use the newSession method that accepts a token and an org reference as parameters. I've attached an example to this comment.
Regards,Mike
Hi Guys,
Thanks for the feedback, both suggestions seem to be working
Really appreciate the assistance.
Regards,
Stephen
Hi Guys,
Thanks for the feedback, both suggestions seem to be working
Really appreciate the assistance.
Regards,
Stephen
Hi Stephen,
That's great to hear! Please let us know if there is anything else we can help with.
Have a great day,
David
Hi Stephen,
That's great to hear! Please let us know if there is anything else we can help with.
Have a great day,
David
Hi Stephen,
I hope all is well,
Mark here from the EMEA Support Team. As you are aware David no longer works at Yellowfin, with this I have since assigned this to myself. Looking into this further I can see that a solution has been put in place. Going forward are we good to mark this ticket as Completed?
Regards,
Mark
Hi Stephen,
I hope all is well,
Mark here from the EMEA Support Team. As you are aware David no longer works at Yellowfin, with this I have since assigned this to myself. Looking into this further I can see that a solution has been put in place. Going forward are we good to mark this ticket as Completed?
Regards,
Mark
Replies have been locked on this page!