cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Highlighted
Flexera beginner

REST API "Token refused due to missing key" for /access_request

Jump to solution

I am access the REST API of an FNO license server.
I set a password on the license server on FNO and I can successfully authenticate.
I receive a Bearer token, which allows me to make almost any REST calls such as "/features", "/hosts", etc...

EXCEPT "/access_request"...

Trying to request features through the "/access_request" access point FAILS as followed:

Status:Unauthorized, Reason:{
  "key" : "glsErr.userAuthFailed",
  "message" : "Authorization attempt at uri=/GlobalLicensingService/api/1.0/instances/RW0GJ2TDSZZW/preview_request failed for user (unknown) (error BadCredentialsException(Token refused due to missing key.))",
  "arguments" : [ "uri=/GlobalLicensingService/api/1.0/instances/RW0GJ2TDSZZW/preview_request", "(unknown)", "BadCredentialsException", "Token refused due to missing key." ]
}

Why this call fails but all the others are successful, with the SAME Bearer token?

What to do?

Also: IS THERE ANY EXAMPLE OF ACQUIRING A FEATURE USING REST API ON FNO SERVER?

 

0 Kudos
1 Solution

Accepted Solutions
Highlighted
Moderator Moderator
Moderator

Re: REST API "Token refused due to missing key" for /access_request

Jump to solution

Hi @kiangorji ,

You will also need to consult the License Server Producer Guide for additional information.  The process is:

  1. Generate a Public / Private Key Pair (many available tools)
  2. Get Authorization Token from Cloud License Server (CLS) via /authorize
  3. Upload the Public Key (.der format) using /rest_licensing_keys to the CLS using the Authorization Token
  4. Create a JSON Web Token using the Private Key from Step 1.  Many available tools, https://jwt.io is easy to use.
  5. Send license request to /access_request using the JWT.

I have attached an example I created that should help guide you.

Best regards,

View solution in original post

0 Kudos
4 Replies
Highlighted
Moderator Moderator
Moderator

Re: REST API "Token refused due to missing key" for /access_request

Jump to solution

Hi @kiangorji ,

That is correct.  The /access_request  endpoint to obtain a license from a license server (cloud or local) is one of the Cloud Monetization APIs (CMAPI).  This REST API requires a Jason Web Token (JWT) for Authorization which is different from the authorization token used for License Server Management.  Documentation along  with examples are provided in the Cloud Monetization API Guide. 

Best regards,

   

0 Kudos
Highlighted
Flexera beginner

Re: REST API "Token refused due to missing key" for /access_request

Jump to solution
I have the CMAPI 2019R2 guide that I'm following and I do not see any example on HOW to GENERATE this token for the request.
There is just a vague Python example on how to validate the response if you ask for a signed access.request.
Also "The Capability Exchange Process" and "Means to Attach the JWT to the Capability Request" have no example and are totally vague.
Is there any example of generating this token somewhere?
There's also talks about generating keys on server and all, but I can't see how that would apply to the client license server on FNO, there's nowhere to set a certificate there.

Any more precise clarification/example would really be helpful - we're stuck for those important calls.
0 Kudos
Highlighted
Moderator Moderator
Moderator

Re: REST API "Token refused due to missing key" for /access_request

Jump to solution

Hi @kiangorji ,

You will also need to consult the License Server Producer Guide for additional information.  The process is:

  1. Generate a Public / Private Key Pair (many available tools)
  2. Get Authorization Token from Cloud License Server (CLS) via /authorize
  3. Upload the Public Key (.der format) using /rest_licensing_keys to the CLS using the Authorization Token
  4. Create a JSON Web Token using the Private Key from Step 1.  Many available tools, https://jwt.io is easy to use.
  5. Send license request to /access_request using the JWT.

I have attached an example I created that should help guide you.

Best regards,

View solution in original post

0 Kudos
Highlighted
Flexera beginner

Re: REST API "Token refused due to missing key" for /access_request

Jump to solution

This was a great answer, it makes everything much clearer.

Thanks a lot jberthold for the detailed explanation (it should be added to the CMAPI manual) and for the PDF with example too.

 

0 Kudos