Skip to main content

I’m building an API call request, where I first need to obtain an access token, before I make my actual API call.

I have tested the 2-step process using 2 separate JSON calls successfully. The message body of the OAuth request looks like this. Sensitive info redacted:

 

scope is a required parameter. The above call successfully retrieves my token.

 

I tried to setup this as a Generic server:

But there is no available space to specify the scope parameter.

 

When I run my plan:

 

I get:

2024-09-04 09:33:16 INFO: Validating model...
2024-09-04 09:33:16 INFO: Creating runtime...
2024-09-04 09:33:17 INFO: Running runtime...
2024-09-04 09:33:17 3JsonCall] DEBUG: IOException when making request GET https://preprod-api.londonmarketgroup.co.uk/reference-data/acord/v2/version HTTP/1.1java.io.IOException: Cannot get credentials for request.
at com.ataccama.dqc.io.http.CommonHttpClient.makeRequest(CommonHttpClient.java:351)
at com.ataccama.dqc.tasks.io.json.call.JsonCall$Runtime.run(JsonCall.java:425)
at com.ataccama.dqc.processor.internal.runner.ComplexStepNode.runNode(ComplexStepNode.java:64)
at com.ataccama.dqc.processor.internal.runner.RunnableNode.run(RunnableNode.java:29)
at com.ataccama.dqc.commons.threads.AsyncExecutor$RunningTask.run(AsyncExecutor.java:135)
at java.base/java.lang.Thread.run(Thread.java:833)
Caused by: com.ataccama.dqc.commons.auth.CannotGetCredentialsException: Cannot get token from URL 'https://login.microsoftonline.com/{redacted_tenant}/oauth2/v2.0/token'
at com.ataccama.dqc.io.http.OpenIdConnectTokenProvider.createToken(OpenIdConnectTokenProvider.java:89)
at com.ataccama.dqc.io.http.OpenIdConnectTokenProvider.getToken(OpenIdConnectTokenProvider.java:50)
at com.ataccama.dqc.commons.auth.BearerAuthHeaderValueProvider.getValue(BearerAuthHeaderValueProvider.java:35)
at com.ataccama.dqc.commons.url.HttpClientConfigurer.setupHeaders(HttpClientConfigurer.java:31)
at com.ataccama.dqc.io.http.CommonHttpClient$CredentialsProvider.setupHeaders(CommonHttpClient.java:586)
at com.ataccama.dqc.io.http.CommonHttpClient.makeRequest(CommonHttpClient.java:349)
... 5 more
Caused by: java.io.IOException: Server returned HTTP response code: 400 for URL: https://login.microsoftonline.com/{redacted_tenant}/oauth2/v2.0/token
at java.base/sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1997)
at java.base/sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1589)
at java.base/sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:224)
at com.ataccama.dqc.io.http.OpenIdConnectTokenProvider.createToken(OpenIdConnectTokenProvider.java:74)
... 10 more

2024-09-04 09:33:17 INFO: Finished! (Time spent: 0 s)

 

So…. if I am unable to use runtime config, I would have to go back and use the 2 step json call. Is there some way to store that step in some sort of protected way so I’m not storing client id and secret as plain text in the step?

I ended up getting an answer from this post: 

 

In summary, what I had to do:

 

  1. Server name “limossAuth”, which calls MS Oauth to get the token, putting client_id into “User” field and client_secret into “Password field”. Extra “scope” value is entered into JSON call step which retrieves the token.
  2. Server name “limoss”, which calls the actual API for the data, with No Auth. This connection is used for 2nd JSON call step which calls for the data, uses token retrieved in step 1, so no auth required from the server connection itself.

Thank you for sharing the solution @may_kwok (and great to have it from the past May 🤝🤣)


Reply