I'm trying to get feedback for push notifications, as described here: https://learn.microsoft.com/en-us/previous-versions/azure/reference/mt705560(v=azure.100).
Upon success, an Azure Storage Container URL is returned, complete with authentication token.
I have the URL:
https://pushpnsfb9bf61499e7c8fe.blob.core.windows.net/00000000002002698042?sv=2015-07-08&sr=c&sig=KbF1GtORNzAaCZH9UP7UFi9wMOYBmBgL%2BXLG3Qau9U0%3D&se=2020-08-29T19:10:17Z&sp=rl
But requesting it returns an authentication error:
<Error>
<Code>AuthenticationFailed</Code>
<Message>Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature...</Message>
<AuthenticationErrorDetail>Signature did not match. String to sign used was... </AuthenticationErrorDetail>
</Error>
I am trying to follow the docs at https://learn.microsoft.com/en-us/azure/storage/blobs/storage-blob-service-sas-create-dotnet?tabs=dotnet#create-a-service-sas-for-a-blob-container. The URL has sr=c, which seems to mean I need a "SAS for a blob container".
But where do I get the token? The returned URL has a sig querystring parameter - I tried using that to sign the request, but it didn't work.
What am I doing wrong?
When we call the Get Platform Notification Services (PNS) feedback rest api, we will get a container url with sas token. And the sas token has read and list permissions at container level. So we can use azure blob rest api to read the content, properties, metadata or block list of any blob in the container or list blobs in the container with the token. For more details, please refer to here
For example
Get container url
Test
a. list blobs
GET https://pushpnsfb2f34ecd6733e74.blob.core.windows.net/00000000002000276266?
<sas token e.t. sv=2015-07-08&sr=c&sig=SQodHcRM6p04ag9rJZBqPDmr1NMd%2FbIWoPzMZrB9TpI%3D&se=2020-09-02T05%3A28%3A07Z&sp=rl>
&restype=container&comp=list
b. read blob content
GET GET https://pushpnsfb2f34ecd6733e74.blob.core.windows.net/00000000002000276266/<blob name>?
<sas token e.t. sv=2015-07-08&sr=c&sig=SQodHcRM6p04ag9rJZBqPDmr1NMd%2FbIWoPzMZrB9TpI%3D&se=2020-09-02T05%3A28%3A07Z&sp=rl>
For more details about Azure Blob rest api, please refer to here.
Related
I want to retrieve data from a data warehouse that has a web-based API, I need to use an API key for authentication and use the GET / Customers command to retrieve the list of customers data, but when I am using that same thing in postman, it's returning the same documentation page of the data warehouse?
I am new to this any help will be really appreciated.
The URL doesn't look valid:
You need a base URL, endpoint, http method, authentication scheme, and credential or a token etc.
I don't know details about your system and API, so let's see an example:
base url is https://stackoverflow.com; your current base url is localhost:4444, is your server running on your machine? If so, it might be correct, but I assumer you're talking about a server running somewhere else, not on your computer
endpoint (path parameter) is /questions/69883697, in your case /customers
http method is GET and you find it here in Postman; it also means it will not go into query parameters where you put it:
authentication scheme - your docs mentions an api key that goes into a header called Authorization, so you have to set it in Headers, not as a query parameter:
Read carefully what's on your screen, Postman uses the same language as your API documentation, so if your doc speaks about headers, you need to go into Headers tab in Postman.
I have a Basic API connection from Recurly. I want to use that API to get data about my Data Base using Azure Data Factory. I created ls_RestAPI, created ds_RestAPI and created 1 pippeline to proceed to get the data. But there are some problems. My API has Basic Auth as username and no password (Postman Image), header is Accept and Authorization.
When I start connecting it using ADF, it throws an error due to incorrect syntax. I have provided pictures for you to understand easily.
I tried to remove or edit Accept and Authorization but it still doesn't work:
How can I reconfigure it properly to be able to get data from the above API?
My aim is that after running, Rest API can call all Next Page of API in 1 run. So I use:
"paginationRules": {
"AbsoluteUrl": "$.next"
but now I have the problem that I can't connect to the API.
ADF Rest connector only expects a Json response. This is mentioned as a warning in one of your screenshots.
As a result, this is overriding what you have entered for Accept Header.
Could you try firing this API call from some other service like Logic apps?
I need to read/write an azure storage table.
The client program is configured to use a shared access signature to read/write remote azure table.
Can anyone give me a good example of how to construct the authorization header in order to use the sas?
I am getting HTTP error code 403.
Microsoft documentation specified that all the rest API will have to be embedded with an authorization header. By default, the documentation suggests that I can use the storage account access key to generate the HMAC-SHA code for the authorization header. I think I am missing something here.
The whole idea of using a shared access signature (SAS) is to protect the storage account access key. At the same time, the doeumentation seems to suggest that the storage account owner needs to provide the account access key so the client can use the access key to generate the HMAC-SHA code. What am I missing here? can anyone shed some light here? Thanks,
If you're using sas_token in the request url, then you don't need to provide Authorization in the header.
How to check which header should be provided? in the related api page -> go to the Request Headers section -> check each header, if the header is required, then it will be described in it's Description. Here is a screenshot for your reference:
Here are the steps to query entities by using sas_token:
1.Generate sas_token from azure portal. You can refer to the screenshot below:
2.Check which header are required, as per query-entities -> request-headers, we know x-ms-date is required(Authorization is not required here since we're using sas_token). You can provide a value for x-ms-date, like Wed, 13 Jan 2021 01:29:31 GMT.
If you don't know how to get the value for x-ms-date header, you can open powershell -> type Get-Date command -> then it will generate the date:
3.Prepare the request url with sas_token, like below:
https://xxx.table.core.windows.net/testtable(PartitionKey='a1',RowKey='r11')?sv=2019-12-12&ss=t&srt=sco&sp=rwdlacu&se=2021-01-13T09:24:58Z&st=2021-01-13T01:24:58Z&spr=https&sig=xxxxx
4.Use some tools like Postman, send the request with proper header. Here is the test result by using Postman:
I'm working on building a powershell script to update user's profiles in Yammer. I need to be able to update users' subscriptions (followers) in their yammer profile and in order to do that, I need to get an auth token for that user (impersonation). According to Yammer's api documentation (https://developer.yammer.com/docs/impersonation), I need to be a verified admin (I am). I've registered my app with Yammer, I have a bearer token for my app which I'm passing in the auth header, and I'm passing in the consumer key and user_id for whom I want to impersonate in the api request query string. The api is responding with a 400 - Bad Request. The error message states that the request cannot be fulfilled due to bad syntax. I'm testing this using Postman. I am sending a GET request to the API as shown below. Obviously, I have actual values for the userId and consumerKey values. Does anything appear incorrect with this query and/or does anyone have any experience with this api that could possibly share some insight?
https://www.yammer.com/api/v1/oauth/tokens.json?user_id=userId&consumer_key=consumerKey
The specification here
http://msdn.microsoft.com/en-us/library/windowsazure/jj710106.aspx
states that the response body contains the "original authentication token". However, even in the example it is different from the one originally sent to the server. What is the difference between these different tokens, why are they called the same and how should they be used?
The documentation is incorrect. The token sent to the service is a Live SDK token; the token returned by the service is an Azure Mobile Services token. It currently wraps the given token, adding more information specific to the mobile service, but that's an implementation detail which can change in the future (in other words, you should always treat the token returned by the call as an opaque blob of data) - as long as you keep passing that token along in subsequent calls, those calls will consider to be authenticated.
I'll pass this information along to the team to have them fix the documentation, thanks for pointing it out.