REST API 401 Unauthorized

I’m a newbie, have just installed a fresh instance and have created a realm, asset and service user.

I am trying to make an API call via Postman to get details of the realm. I have successfully retrieved a token for the user via the request below sending the client_id & client_secret .
https://localhost/auth/realms/10038/protocol/openid-connect/token

I added the access_token to the Authorization section when configuring a Get request in Postman. The made the request below
https://localhost/api/10038/realm

When I run this command I get an 401 Unauthorized with www-authenticate value saying Bearer realm=“10038”, error=“invalid_token”, error_description=“Token is not active”

Can anyone help me debug this?

Hi Graham,

Are you using the Postman OAuth 2.0 functionality in the Authorization tab? It will take care of getting the token and using it. Select the type and on the right side fill in the ‘Configure New Token’ form to get the token. You can then click to use the token in the dialog that appears. Now you will be correctly authorized (in my limited experience :grimacing:)

Don

You need to go to “Authorization”, there you choose Type “OAuth 2.0” and fill out the required fields under “Configure New Token”: Grant Type (in my case “Client Credentials”), Access Token URL (https://localhost/auth/realms/10038/protocol/openid-connect/token), Client ID (Service User), Client Secret (generated password of Service User). Afterwards click “Get New Access Token”. It should say now something like completed, then press “Proceed” and “Use Token”. Afterwards everything should be ready to make a request.

Thanks for the advice.

I’ve conducted some further tests and can confirm the Authorization process is working and returning a token which can then be ‘synced’.

Once this is done I can then run either of the two following API calls successfully.

https://localhost/api/10038/info
https://localhost/api/10038/health

However non of the other api calls work, the request below returns a 403 forbidden.
https://localhost/api/10038/realm

Also the the info & health requests only work for about a minute before I have to refresh the tolken again.

I’m wondering if this is something to do with my installation. I’m working on Hyper-v Ubuntu 22.04 VM running on a Win 10 host. I could not get Docker Desktop to install correctly presumably due to lack of KVM (?). I therefore installed and ran Docker via apt.

Is anyone able to confirm or deny being able to run openremote on the setup I have or is Docker Desktop a must have?

After trying some more of the requests it appears the request below is not authorised
https://localhost/api/10038/realm

If I try this one then its returns successfully. I guess there are some permission issues somewhere stopping the specific service user I set up accessing the first request.
https://localhost/api/10038/realm/10038

I still have the issue of the access token timing out after 60 seconds and it not autmotaically requesting a new one however I’m assuming this can be addressed programatically if I automate the api requests.