×
 
 
  •  
$helper.renderConfluenceMacro('{bmc-global-announcement:$space.key}')
BMC Helix Discovery ... Integrating Using the REST APIs

Troubleshooting the REST API

To start understanding errors from the REST API, examine the status code of the response along with the response body, if present.  In addition, here are some specific scenarios you may encounter:

I keep getting 403 Forbidden errors back from the API

 If you trying to access the REST API over HTTPS but you still receive 403 errors, then the user accessing the API may not have permissions to perform the actions required by the endpoint. Some endpoints require more permissions than others - particularly those that access the vault or credentials, or those that create or modify resources (for example, submitting a new discovery run). To check if this is the case, try an endpoint like /discovery/runs, which requires fewer permissions than some of the others:

curl -i -X GET -H 'Authorization: bearer <your_token>' https://appliance/api/v1.12/vault/credentials

HTTP/1.1 403 Forbidden
{
  "code": 403,
  "message": "Permission denied",
  "transient": false
}


curl -i -X GET -H 'Authorization: bearer <your_token>' https://appliance/api/v1.0/discovery/runs

HTTP/1.1 200 OK
[]

If you can at least access some endpoints successfully, then your problem is likely to be a lack of permissions. If all endpoints are giving you back a 403 error then your user may not have "api-access" permission to access the REST API at all. In both cases, a BMC Helix Discovery Administrator can review your permissions.

I keep getting 401 Unauthorized errors back from the API

This indicates that you could not be authenticated using the token expected in the HTTP "Authorization" header. This could be for a number of reasons:

  • The "Authorization" header itself is missing or invalid.
  • The token is missing from the header, or is invalid.

  • The token has expired. Tokens only expire if they are generated from the /api/token endpoint (rather than being generated in the user interface). In this case, you can generate a new one with another call to the same endpoint. 

  • The user that owns the token has been deactivated or deleted.

Was this page helpful? Yes No Submitting... Thank you
Last modified by Duncan Tweed on Mar 02, 2024
link rest_api troubleshooting bmc_contributor

Comments

Log in or register to comment.

Swagger and the REST APIs
REST API example code
© Copyright 2004 - 2023 BMC Software, Inc.
Legal notices

Powered by Atlassian Confluence and Scroll Viewport

© Copyright 2005-2024 BMC Software, Inc. Use of this site signifies your acceptance of BMC’s Terms of Use . BMC, the BMC logo, and other BMC marks are assets of BMC Software, Inc. These trademarks are registered and may be registered in the U.S. and in other countries.