Authorization Process Issue with JWT

[nioniofr]

Dear ALL, Since 10/05/2022 I can't download data using aw_workspace_report with JWT authorization. In my case I have the confirmation message: "Successfully authenticated with JWT: access token valid until 2022-05-19 12:09:04" (aw_auth_with('jwt'), aw_auth()) then get_me() works correctly. However when I try to download some data with aw_workspace_report:

result_df <- aw_workspace_report(req_body = "C:\Users\Reporting\test.json", company_id = Sys.getenv("AW_COMPANY_ID"))

I have still message:

"Request failed [401]. Retrying in 1 seconds..."

or

aw_get_reportsuites()

"Request failed [404]. Retrying in 1 seconds... Request failed [404]. Retrying in 3.6 seconds... Error in handle_api_errors(resp = req, body = body) : errorCode: 404 errorDescription: Could not find analytics user for globalCompanyId=xxx and imsUserId=xxx@techacct.adobe.com"

Can you help me please?

P.S. Everything worked fine until monday (09/05/2022). I also checked the validity of the keys on Adobe Console API , everything is OK.

My issue is probably similar to: https://github.com/benrwoodard/adobeanalyticsr/issues/10 but I am not sure.

Regards Przemek

[benrwoodard]

Hey Przemek,

What version of the R package are you using? It could be several things that are causing this issue.

Issue #10 is in reference to Oauth authorization token refresh so that would be completely different. The error is stating you don't have the Global Company Id and User ID set as session objects. Since you are getting the auth success notification and also able to pull get_me() information, I'm inclined to think your JWT-enabled API project does not have the appropriate permissions.

[nioniofr]

Hey Ben, Thank you very much for your quick response. I really appreciate that. Initially I used adobeanalyticsr 0.2.1 (until 10/05/22). Of course, I tried to find a solution myself so I installed the 0.3.2 (same problem with aw_workspace_report) last week. Yesterday I have installed adobeanayticsr from github but still same problem. I don't think there is a problem with the package because everything worked great until May 9th on adobeanalyticsr 0.2.1. I also didn't change anything on the Adobe Console API. P.S. If this helps, I can ask directly questions to adobe support. I just need to know what to ask :-)

[nioniofr]

Hello All, I'm trying to solve my issue with Adobe support. Maybe you know how I can check my token JWT permisions using Postman?

[benrwoodard]

Hey Przemek,

In v0.3.0 we changed the way authentication for JWT is done. When it was first introduced into the package in v0.2.0 the authentication function looked for a series of global variables but in v0.3.0 we made it easier by referencing the json file and key file only. Can you verify that your .Renviron looks like the following:

## If using JWT 
AW_AUTH_FILE = "[auth_file.json]"
AW_PRIVATE_KEY = "[private.key]"
AW_COMPANY_ID = "[Company ID]"
AW_REPORTSUITE_ID = "[RSID]"

[nioniofr]

My .Renviron:

AW_CLIENT_ID = "xxx" AW_CLIENT_SECRET = "xxx" AW_ORGANIZATION_ID = "xxx" AW_TECHNICAL_ID = "xxx" AW_COMPANY_ID = "xxx" AW_REPORTSUITE_ID = "xxx" AW_PRIVATE_KEY = "C:\Users\u098909\Documents\private.key" AW_AUTH_FILE = "C:\Users\u098909\Documents\auth_file.json"

and my auth_file.json:

{ "API_KEY":"xxx", "CLIENT_SECRET":"xxx", "ORG_ID":"xxx", "TECHNICAL_ACCOUNT_ID":"xxx" }

Should I remove unnecessary variables from .Renviron file?

[nioniofr]

What is the difference between the get_me() query (which works for me) and the aw_get_metrics() wich generate errors:
Request failed [401]. Retrying in 2 seconds... Request failed [401]. Retrying in 1 seconds... Error in handle_api_errors(resp = req, body = body) : errorCode: invalid_token errorDescription: User associated with ims token could not be found or company not found.

Do we use the same JWT token in both cases?

[benrwoodard]

Yes, both situations use the same JWT but the get_me() function doesn't require the user to have any company permissions settings because it pulls back what the JWT project has access to. In the get_me() response data do you see the company id the report suite is under? When you look at the project permissions in developer.adobe.com, do they match what is required according to the documentation here: https://developer.adobe.com/analytics-apis/docs/2.0/guides/jwt/#permissions ?

[nioniofr]

It's good, I can pull data from API. I changed my project permissions (from developer to admin) and aw_workspace_report works correctly :-) Ben, thank you very much for your help. Adobeanalyticsr is a great tool !!!

P.S. By the way, in the beginning I wasted a lot of time finding out that in the aw_workspace_report the req_body = "" is the path to the json file and not the json string copied from Workspace as mentioned in R Help (lol).

[charlie-gallagher]

@nioniofr we actually do have a ticket to update that function (#117), and thanks for the comment! It's nice to know people are making good use of the package