Not able to Get or Post data in Creatio using api basic authentication of pass BPMCSRF key and value in Header

Hi Expert ,

    I am trying to use Creatio api with basic authentication . I am following below links :

    https://documenter.getpostman.com/view/10204500/SztHX5Qb#46f97170-d66d-…;

    

    NotWorking in PostMan : As per documention it's not working  in postman. Stored BPMCSRF value from Response Header Cookie of Token Request and call get api with BPMCSRF / ForceUseSession  headers key with it's value .Removed cookies from get request. Send the the get request it's giving a html response without any error details.

    

    Working in PostMan : In PostMan Send Token request then send get request (https://steuler.creatio.com/0/odata/Product?$top=1) without set any Header keys it's working fine. In this scenario i can see token request response header cookie values are sending bydefault by Postman in the get request.

    NotWorking in Consol Application : As per 2nd scenario i am trying to send a Get api request with token generate Response header cookies values but it's showing html error without any error details

    NotWorking in Consol Application : As per documentation Stored BPMCSRF value from Response Header Cookie of Token Request and call get api with BPMCSRF / ForceUseSession  headers key with it's value .But showing html error without any error details.

    i have attached my screen shots for reference.From my side any configuraration need to be changed Creation envionment for that my scenario  Can you give me any proper documents which i can follow and will be worked ?

    below is my console application code :

                // Create HttpClient

                using (HttpClient httpClient = new HttpClient())

                {

                    // Create HttpRequestMessage

                    HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Get, @"https://steuler.creatio.com/0/odata/Product?$top=1");

                    // Set request headers

                    request.Headers.Add("Accept", "application/json");

                    request.Headers.Add("ForceUseSession", "true");

                    request.Headers.Add("BPMCSRF", "YtuvyS.WPYmW5BChY5anK.");

                    // Send the request

                    HttpResponseMessage response =  httpClient.SendAsync(request).ConfigureAwait(false).GetAwaiter().GetResult();

                    // Check response status

                    if (response.IsSuccessStatusCode)

                    {

                        string responseData =  response.Content.ReadAsStringAsync().ConfigureAwait(false).GetAwaiter().GetResult();

                    }

                 }

 

Thanks and Regards

Surajit Kundu

Like 0

Like

2 comments

I don't see in your code the call to authenticate. I assume that you're previously calling /ServiceModel/AuthService.svc/Login somewhere to get the BPMCSRF value? See https://documenter.getpostman.com/view/10204500/SztHX5Qb#46f97170-d66d-…

Note, the BPMCSRF value doesn't last forever, so it does need to be a recently obtained value. 

This article shows the complete steps for executing requests via Postman which might help: https://academy.creatio.com/docs/8.x/dev/development-on-creatio-platfor…

Ryan

Ryan Farley,

Hi 

      Thanks for your reply . Below is my token generation code from where i have taken cookies value for my 2nd request .Before i have not attached that token generation part as these is working fine. In postman it's working fine using Cookies based authentication.In my Console application i am sending all the Cookies (BPMLOADER, .ASPXAUTH, BPMCSRF, and UserName) as a Header Key and value in further requests to Creatio services that use cookie-based authentication but it's showing Html Error ?

 static async Task<Dictionary<string, string>> TokenGenerateDictionary()

        {

            var headerCookies = new Dictionary<string, string>();                 

                using (var client = new HttpClient())

                {

                    client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));

                    using (var request = new HttpRequestMessage(HttpMethod.Post, @"https://steuler.creatio.com/ServiceModel/AuthService.svc/Login"))

                    {

                        request.Content = new StringContent($"{{\"UserName\":\"ram\",\"UserPassword\":\"abcd\"}}", Encoding.UTF8, "application/json");

                        var response = client.SendAsync(request).Result;

                        var responseString = await response.Content.ReadAsStringAsync();

                        JObject responseJson = JObject.Parse(responseString);

                        int code = (int)responseJson["Code"];

                        if (code == 0 && response.IsSuccessStatusCode)

                        {

                            foreach (string setCookieHeader in response.Headers.GetValues("set-cookie"))

                            {

                                 string[] cookies = setCookieHeader.Split(';');

                                if (cookies.Length > 0)

                                {

                                    string[] keyValue = cookies[0].Trim().Split('=');

                                    if (keyValue.Length == 2)

                                    {

                                        string key = keyValue[0];

                                        string value = keyValue[1];

                                        if (!headerCookies.Keys.Contains(key))

                                            headerCookies.Add(key, value);

                                    }

                                }

                            }

                         }

                    }

                }

            return headerCookies;

        }



Request Get Operation send cookies in Header Key :

         var tokenHeaderCookiesData = TokenGenerateDictionary().ConfigureAwait(false).GetAwaiter().GetResult(); 

         string requestUri = @"https://steuler.creatio.com/0/odata/Product?$top=1";

         using (HttpClient httpClient = new HttpClient())

                {

                    HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Get, requestUri);

                    foreach (string key in tokenHeaderCookiesData.Keys)

                    {

                        //BPMLOADER, .ASPXAUTH, BPMCSRF, and UserName

                        if (key== "BPMLOADER" || key == ".ASPXAUTH" || key == "BPMCSRF" || key == "UserName")

                           request.Headers.Add(key, tokenHeaderCookiesData[key]);

                    }

                    HttpResponseMessage response =  httpClient.SendAsync(request).ConfigureAwait(false).GetAwaiter().GetResult();

                    string responseData =  response.Content.ReadAsStringAsync().ConfigureAwait(false).GetAwaiter().GetResult();

                }

   



Html Error Response with status OK:



<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" culture="en-US">

<head><meta http-equiv="X-UA-Compatible" content="IE=Edge" /><meta name="fontiran.com:license" content="LAXSN" /><meta http-equiv="Content-Type" content="text/html; charset=utf-8" /><title>

    Creatio

</title>

    <style>

        .font-preload {

            position: absolute;

            opacity: 0;

        }

        .font-preload-open-sans {

            font-family: "Bpmonline Open Sans";

        }

        .font-preload-open-sans-light {

            font-family: "Bpmonline Open Sans Light";

        }

        .font-preload-open-sans-bold {

            font-family: "Bpmonline Open Sans Bold";

        }

    </style>

<script type="text/javascript" src="https://steuler.creatio.com//core/8dc3ccad339641a4ecd1ecb0b57f017d/Terr…"></script>

<script type="text/javascript" src="https://steuler.creatio.com/api/ClientScript/GenerateLoginScripts"></script>

<script type="text/javascript" src="https://steuler.creatio.com//core/057665f97324038f6c7c326b6734de6b/requ…" data-main="https://steuler.creatio.com//core/0fbfa51b1de27f89696f0f8d31da5f16/Terr…" async></script>

<script type="text/javascript"></script>

</head>

<body>

    <div class="font-preload">

        <span class="font-preload-open-sans">_</span>

        <span class="font-preload-open-sans-light">_</span>

        <span class="font-preload-open-sans-bold">_</span>

    </div>

    <form name="IndexForm" method="post" action="./NuiLogin.aspx?ReturnUrl=%2f0%2fodata%2fProduct%3f%24top%3d1&amp;%24top=1" id="IndexForm">

<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="+mvmSAOrSFVSNU1VvvnnAv5lt45aMHGRIkN033uMqlv/X2Fn2421RrzZayJqLBBTzwEnVTCtLeOrFnkbGP1c32c1p4dJwgJeute2MMWvNkRY1wHA" />

<input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="0BFA92C5" />

    </form>

</body>

</html>

 

Thanks 

Surajit Kundu

Show all comments