Default language.

Troubleshooting the REST API

The information in this topic is applicable only for on-premises deployments.

To understand errors from the REST API, examine the status code of the response along with the response body if present. If that does not help, and you have access to the appliance's logs, look at the log file for the REST API subsystem (setting the log level to DEBUG temporarily can be useful).

This topic discusses specific scenarios you might encounter.

Issues with authentication

The 401 Unauthorized error indicates that you could not be authenticated using the token expected in the HTTP "Authorization" header. Several reasons could cause this problem:

  • The "Authorization" header itself is missing or invalid.
  • The token is missing from the header or is invalid.
  • The token has expired. Note that tokens only expire if they are generated from the /api/tokenendpoint (as opposed to being generated in the user interface). In this case, you can generate a new one with another call to the same endpoint. If you are using the Swagger UI, the interaction with /api/token is hidden from you, but you can trigger another call to the endpoint by refreshing the Swagger UI and entering your username and password again.
  • The user that owns the token has been deactivated or deleted.

Both the new UI and the REST APIs run on Jetty. 

I can't connect to the API at all over HTTPS

Configure HTTPS or enable API access over HTTP.

I keep getting 403 Forbidden errors back from the API

This error occurs if you have configured HTTPS and you try to access HTTP. If your HTTP(S) configuration is correct, but you still receive 403 errors, the user accessing the API might not have permission to perform the actions required by the endpoint.

The Jetty server does not respond to client REST API request

This issue is observed when you configure the Jetty server by using a secured socket layer (SSL). Perform the following steps:

  1. Open the arserver.config file, located in the InstallationDirectory\ARSystem folder.
  2. Add the following line in the arserver.config file.
    jvm.option.<next_no>=-Dorg.apache.activemq.broker.BouncyCastlePosition=100

How to turn on logging for REST API-related issues

For information about turning on logging for REST API-related issues, see Setting-log-files-options or the BMC Communities article, How to turn logging on for RESTAPI problems.

Related topics

Integrating-AR-System-forms-with-a-third-party-application-by-using-the-REST-API

Endpoints-in-AR-REST-API

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*