Trying to access REST API

[andrew21111]

Preconditions

1. Have an account with admin privileges

Steps to reproduce

1. Create new integration
2. Set API permissions to ALL
3. Leave callback and identity link URL blank
4. Activate the integration

Expected result

1. Get consumer_key, consumer_secret, access_token, secret_token
2. Call the endpoint magentoBaseUrl/rest/V1/products/attributes
3. View results

Actual result

1. Get consumer_key, consumer_secret, access_token, secret_token
2. Call the endpoint magentoBaseUrl/rest/V1/products/attributes
3. { message: 'Client is not authorized to access %resources', parameters:{ resources: 'Magento_Sales::sales' } }

[magento-engcom-team]

Hello @andrew21111. Thanks for reporting. Do You mean here the Session-Based authentication?

[andrew21111]

No, I mean both Token-based and OAuth authentication. I correctly get the admin Bearer Token and I set correctly the header Authorization: "Bearer %token%" with the space between Bearer and the token itself. I tried with oauth, I can get the access token, but I still can't get access.

Magento installation runs on my own whm server which is centOS. Maybe I need to configure my server ?

2018-02-14 10:00 GMT+01:00 Magento Community Engineering < notifications@github.com>:

Hello @andrew21111 https://github.com/andrew21111. Thanks for reporting. Do You mean here the Session-Based authentication?

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/magento/magento2/issues/13634#issuecomment-365538241, or mute the thread https://github.com/notifications/unsubscribe-auth/AhS0cGXmHbUlOdGS6fa-l9LQytaORG51ks5tUqClgaJpZM4SDpy- .

[magento-engcom-team]

Ok @andrew21111. Please watch our example video and tell us what we do not so as You mean. (We used not the search criteria that are required for Your endpoint, we just used product code, but search criteria should work as well). Integrations.zip

[andrew21111]

Thank you very much for your video ! I did exactly what you did, but I get a strange behaviour:

If I try to access to: rest/V1/products/attributes I get an error If I try to access to: rest/V1/products/attributes/price I get the results If I try to access to: rest/V1/orders I get an error If I try to access to: rest/V1/orders?searchCriteria[pageSize]=5 I get an error

I made a video too IntegrationTEST.mp4.zip

[magento-engcom-team]

Ok @andrew21111, we watched Your video and there are two things we'd like to emphasize. First is that it is really a bit strange for when You enter f.e. magentoBaseUrl/rest/V1/products/attributes without searchCriteria You get a response about being not authorized. In our video in such case as You may see the response says that there has been missed the searchCriteria which is a required thing here. For testing we always use a clear official Magento instance without any custom modules or changes in code as we can not take the responsibility for such things. You may try it Yourself (with the clear instance) - message should not be about not being authorised. Second is that when Your request contains the ?searchCriteria [pageSise=5] probably it is not a correct request. Please refer here for that matter: http://devdocs.magento.com/guides/v2.2/rest/performing-searches.html. We tried for example to get all the attributes that have wysiwyg enabled. For that our URL needed to be like this: magentoBaseUrl/rest/V1/products/attributes/? searchCriteria[filter_groups][0][filters][0][field]=is_wysiwyg_enabled& searchCriteria[filter_groups][0][filters][0][value]=1& searchCriteria[filter_groups][0][filters][0][condition_type]=eq (see also attached images).

So please tell us if that helps You to resolve Your issue. Thank You.

[andrew21111]

Thank you for you reply ! I tried magentoBaseUrl/rest/V1/products without searchCriteria and I receive searchCriteria missing message. I will test this with a clear Magento installation. I will update you asap !

[andrew21111]

I tried with a clean Magento installation and the problems are always the same, even with the response. how can I resolve ?

2018-02-15 15:55 GMT+01:00 Magento Community Engineering < notifications@github.com>:

Ok @andrew21111 https://github.com/andrew21111, we watched Your video and there are two things we'd like to emphasize. First is that it is really a bit strange for when You enter f.e. magentoBaseUrl/rest/V1/products/attributes without searchCriteria You get a response about being not authorized. In our video in such case as You may see the response says that there has been missed the searchCriteria which is a required thing here. For testing we always use a clear official Magento instance without any custom modules or changes in code as we can not take the responsibility for such things. You may try it Yourself (with the clear instance) - message should not be about not being authorised. Second is that when Your request contains the ?searchCriteria [pageSise=5] probably it is not a correct request. Please refer here for that matter: http://devdocs.magento.com/guides/v2.2/rest/performing-searches.html. We tried for example to get all the attributes that have wysiwyg enabled. For that our URL needed to be like this: magentoBaseUrl/rest/V1/products/attributes/? searchCriteria[filter_groups][0][filters][0][field]=is_wysiwyg_enabled& searchCriteria[filter_groups][0][filters][0][value]=1& searchCriteria[filter_groups][0][filters][0][condition_type]=eq (see also attached images).

[image: rest1] https://user-images.githubusercontent.com/31669971/36262371-e5f97cc4-126f-11e8-8810-5ffbcb870010.png [image: rest2] https://user-images.githubusercontent.com/31669971/36262372-e61a340a-126f-11e8-8b3d-befb9f998e82.png

So please tell us if that helps You to resolve Your issue. Thank You.

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/magento/magento2/issues/13634#issuecomment-365950985, or mute the thread https://github.com/notifications/unsubscribe-auth/AhS0cJlZGTUogFCI6wXo5sU_ibSAN4Xeks5tVEVRgaJpZM4SDpy- .

[magento-engcom-team]

@andrew21111 lets clarify a bit what You expect to have with those requests. magentoBaseUrl/rest/V1/products/attributes - should be an error about searchCriteria missing. It's an expected behavior. magentoBaseUrl/rest/V1/products - should be an error about searchCriteria missing. It's an expected behavior. Even if You receive other error messages here, these requests are not supposed to bring You back any content except for error messages. In order to make them useful You need to add to them some searchCriteria. So could You be more precise on what You want to resolve please?

[andrew21111]

I try to get products, their attributes and orders using the routes;

magentoBaseUrl/rest/V1/products/attributes magentoBaseUrl/rest/V1/products magentoBaseUrl/rest/V1/orders

Of course, when I try a get request I use searchCriteria as you have shown me before, but I always receive the error 401.

If there's an error into the code, where I have to look for it ?

2018-02-16 8:18 GMT+01:00 Magento Community Engineering < notifications@github.com>:

@andrew21111 https://github.com/andrew21111 lets clarify a bit what You expect to have with those requests. magentoBaseUrl/rest/V1/products/attributes - should be an error about searchCriteria missing. It's an expected behavior. magentoBaseUrl/rest/V1/products - should be an error about searchCriteria missing. It's an expected behavior. Even if You receive other error messages here, these requests are not supposed to bring You back any content except for error messages. In order to make them useful You need to add to them some searchCriteria. So could You be more precise on what You want to resolve please?

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/magento/magento2/issues/13634#issuecomment-366161258, or mute the thread https://github.com/notifications/unsubscribe-auth/AhS0cIIuppDWzZS_V2Q9kigyfjme7U8Vks5tVSu8gaJpZM4SDpy- .

[magento-engcom-team]

@andrew21111, could You please record us one more video where we'd be able to see an exact request You send. Thank You.

[magento-engcom-team]

@andrew21111 meaning after You've started to perform the requests according to devdocs - http://devdocs.magento.com/guides/v2.2/rest/performing-searches.html.

[andrew21111]

Ok, this is the video. I try to access : magentoBaseUrl/rest/V1/products/attributes?searchCriteria[filter_groups][0][filters][0][field]=is_wysiwyg_enabled& searchCriteria[filter_groups][0][filters][0][value]=true& searchCriteria[filter_groups][0][filters][0][condition_type]=eq

but I can't. Then I try to access:

magentoBaseUrl/rest/V1/products/attributes/price?searchCriteria[filter_groups][0][filters][0][field]=is_wysiwyg_enabled& searchCriteria[filter_groups][0][filters][0][value]=true& searchCriteria[filter_groups][0][filters][0][condition_type]=eq

and I successfully get the results.

Then, I try to access orders: magentoBaseUrl/rest/V1/orders?searchCriteria[filter_groups][0][filters][0][field]=statuses& searchCriteria[filter_groups][0][filters][0][value]=paid& searchCriteria[filter_groups][0][filters][0][condition_type]=eq

but I get error 401.

Finally, I try to access :

magentoBaseUrl/rest/V1/products/attributes/price?searchCriteria[filter_groups][0][filters][0][field]=category_id& searchCriteria[filter_groups][0][filters][0][value]=41& searchCriteria[filter_groups][0][filters][0][condition_type]=eq

And I get the results.

I have to say that I've anonymous access enabled.

IntegrationTEST2.mp4.zip

[magento-engcom-team]

It's really a pretty strange behavior @andrew21111. When You tested the issue on a clear instance, please confirm that it was a really clean and fresh instance meaning You'd just downloaded and installed it from official magento site, created a totally empty database for it and thus started to test.

[andrew21111]

Yes, I can confirm I tried Magento installation downloaded at https://magento.com/tech-resources/download. So I turned back to the previous installation. I Noticed that when I try to access the marketplace, the browser gives me these errors:

Could be this linked to the previous issue ? May it be a server configuration problem ?

[magento-engcom-team]

@andrew21111, yet please specify the operating system You are running on.

[andrew21111]

Sorry, the server is Apache ( with cPanel ) running on CentOS 7.4

[magento-engcom-team]

And @andrew21111, what about Your admin user under which You created the integration - does it have access to all resources?

[andrew21111]

Yes

I tried even with different users. I'm really sorry, but I'm completely new to this so I'm trying to learn

[magento-engcom-team]

@andrew21111 would You please go to System->User Roles. Open Your Role in the Grid, then under ROLE INFORMATION click on Role Resources and watch whether Resource Access is set to All.

[andrew21111]

Yes, it set to all

[magento-engcom-team]

@andrew21111 Its not likely to be so but still maybe the answers to the following question will give us some hint where to find the roots of Your issue.

1. As we see You have two more admin users without names. How did You manage to do that when Name is a required field for a user to get created?
2. How do You manage to get API responses in Italian? Thank You.

[andrew21111]

Actually, the name of the other two admin account exists but the page was still loading when I captured the screen. About the API responses in italian, I installed italian language extension manually

2018-02-23 9:37 GMT+01:00 Magento Community Engineering < notifications@github.com>:

@andrew21111 https://github.com/andrew21111 Its not likely to be so but still maybe the answers to the following question will give us some hint where to find the roots of Your issue.

1. As we see You have two more admin users without names. How did You manage to do that when Name is a required field for a user to get created?
2. How do You manage to get API responses in Italian? Thank You.

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/magento/magento2/issues/13634#issuecomment-367944594, or mute the thread https://github.com/notifications/unsubscribe-auth/AhS0cJamU7F-jqcC1jYGftXJaQEgPT3oks5tXnjegaJpZM4SDpy- .

[magento-engcom-team]

Ok, @andrew21111. Earlier You said You had tried to fulfill Your request on a clear Magento instance. Had You used there this Italian extension too?

[andrew21111]

Yes, I used this extension too, could be this the problem ?

2018-02-26 9:30 GMT+01:00 Magento Community Engineering < notifications@github.com>:

Ok, @andrew21111 https://github.com/andrew21111. Earlier You said You had tried to fulfill Your request on a clear Magento instance. Had You used there this Italian extension too?

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/magento/magento2/issues/13634#issuecomment-368424909, or mute the thread https://github.com/notifications/unsubscribe-auth/AhS0cAaxdA7NAPVTzSMQRoXwRMtEEN4nks5tYmu8gaJpZM4SDpy- .

[magento-engcom-team]

@andrew21111, Why not if this extension touches web API code. So please, once more, download the clear instance, Don't use there any third-party modules, extensions, themes, etc. Let there be nothing except for what comes with it by default "from the box". Those extra things should not just have been disabled - they must not have been installed at all when You test the issue on a fresh instance. That's because many extensions after having been disabled do not just correctly stop working but in stead they bring some malfunctioning to the instance work.

[magento-engcom-team]

@andrew21111, we are closing this issue due to inactivity. If you'd like to update it, please reopen the issue.