Troubleshooting the REST API

Issues with authentication

An error 401 indicates that you could not be authenticated by using the token expected in the HTTP Authorization header. Several reasons could cause this problem:

• The Authorization header itself is missing or invalid.
• The token is missing from the header or is invalid.
• The token has expired. Note that tokens expire only if they are generated from the /api/token endpoint (as opposed to being generated in the user interface). In this case, generate a new one with another call to the same endpoint. If you are using the Swagger UI, the interaction with /api/token is hidden from you. To trigger another call to the endpoint, refresh the Swagger UI and enter your username and password again.
• The user that owns the token has been deactivated or deleted.

You cannot generate a token for the System user. The System user cannot be used to access the API by design, which is to encourage more secure use of permissioning in the system. Additionally, if the System user's API token is revealed, there is no way to delete this user.

Issues with connection to the API at all over HTTPS

By default, the REST API is only accessible over HTTPS. However, if you have not configured HTTPS, requests for any endpoint will fail to connect:

Either configure HTTPS or enable API access over HTTP, although HTTP is only recommended for testing.

API request logging

All TMF621 API requests and responses are logged in the 'TMF API Request Log' record definition. The Rest API logs for the TMF request & response are available in Network Service Operations library.

To view API request logs, perform the following steps:

1. From the BMC Helix ITSM menu bar, select Application launcher > Innovation Studio.
2. Select the Network Service Operations library.
3. From Records, select the TMF API Request Log checkbox.
4. Select the Edit data button.
   A list of TMF API requests and responses is displayed.