[Solved] unable to access index.php/api2/Contacts

[hussaint37 0]

whenever i tried to open http://localhost/x2engine/index-test.php/api2/Contactsit ask me for username and password for authorization. but when i enter a admin username and password it always says invalid login details but i am able to login admin's username and passwords in backend.... 

Here is the JSON response when i click on cancel button in authorize browser popup....

 

{

• "httpHeaders": {
  • "Content-Type": "application/json; charset=utf-8",
  • "WWW-Authenticate": "Basic realm=\"X2Engine API v2\""
  },
• "reqHeaders": {
  • "Host": "localhost",
  • "User-Agent": "Mozilla/5.0 (Windows NT 6.1; rv:34.0) Gecko/20100101 Firefox/34.0",
  • "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8",
  • "Accept-Language": "en-US,en;q=0.5",
  • "Accept-Encoding": "gzip, deflate",
  • "Cookie": "9acf1=last_submit_item%261417588064; ci_session=a%3A10%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%224b89b36f85ab3706c34ed2a8d17a676d%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A3%3A%22%3A%3A1%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A65%3A%22Mozilla%2F5.0+%28Windows+NT+6.1%3B+rv%3A34.0%29+Gecko%2F20100101+Firefox%2F34.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1420108603%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3Bs%3A2%3A%22id%22%3Bs%3A2%3A%2216%22%3Bs%3A4%3A%22name%22%3Bs%3A10%3A%22Test+Admin%22%3Bs%3A8%3A%22org_name%22%3Bs%3A7%3A%22Infowiz%22%3Bs%3A6%3A%22rel_id%22%3Bs%3A2%3A%2214%22%3Bs%3A6%3A%22folder%22%3Bs%3A5%3A%22power%22%3B%7Dd7a61eabbf876c6c834b82666d1709088660ba33; PHPSESSID=mv4g63v2fr2aj8pa9nmtmc1pe2",
  • "Connection": "keep-alive"
  },
• "message": "Missing user credentials: user",
• "error": true,
• "status": 401

}

[X2Raymond 164]

I believe the issue is caused by invalid credentials. You need to actually provide the API key for the admin user instead of the admin's ordinary password. The only reason it says "Password" in the dialog is because it is using HTTP basic authentication, which behaves as such in a browser.

 

You can retrieve your API key by navigating to "Users," then clicking on the user you'd like to use, then click "Update" in the action menu. One of the fields will be the API key.

[marcgott 1]

On a similar note, I can login to the API system *only* using the admin credentials. x2E comes with an api user, but no combination of username/alias/password/apikey seems to work for that user. Is there a profile setting/permission that needs to be changed?

 

TIA

[X2Raymond 164]

The credentials combination you need to select depends on the method you are using to contact X2: When logging in to the web UI as you would normally, you of course use the username and password combination. When instead making calls to the API, you must use the username and API key combination. Each user is assigned a unique API key, which can be found from the Update page of the users module.

[marcgott 1]

Let me rephrase:

 

When pulling data from x2 throuhg the api, the only credentials I can authenticate with (using PHP/cURL as the mechanism) are my own user admin credentials (user 1). The credentials for the default api user won't/don't work. I get a 403 error when trying to use them.

[X2Raymond 164]

Ahhh, I see. I would first verify the actual credentials that are set for the api user. Browse to the users module, view the api user, and then proceed to the update screen. Ensure that:

• The api user has a valid API key set
• The status field is set to "active."

You will additionally need to grant the necessary permissions to the api user by assigning it a Role.

[marcgott 1]

Permissions. That'll do 'er...

 

Setting api user to admin role solved the issue.