01-18-2018 01:16 PM - edited 03-01-2019 04:42 AM
All,
I am having a problem running a python script that makes an API call to APIC-EM discoveries in order to build new discoveries to pull in new devices into APIC.
According the API documentation the a 403 error is this:
The server recognizes the authentication credentials, but the client is not authorized to perform this request.
The creds I am using are Internal users and set to Admin_Role with ALL.I don't see any other place add additional permissions to the users. Below is the script output from the python script.
https://pnp.ssg.petsmart.com/api/v1/discover
{'content-type': 'application/json', 'x-auth-token': 'ST-6621-fYkMLTtQRJTKddM7AWYm-cas'}
C:\Program Files (x86)\Python36-32\lib\site-packages\urllib3\connectionpool.py:858: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings
InsecureRequestWarning)
Traceback (most recent call last):
File "C:/Users/nd'ambrosio/Documents/Centralized Voice/PythonScript/windows/get-store-loc-hrs-audio-files-v2.py", line 242, in <module>
startDiscovery(ip_range, controller, theTicket, store_num)
File "C:/Users/nd'ambrosio/Documents/Centralized Voice/PythonScript/windows/get-store-loc-hrs-audio-files-v2.py", line 187, in startDiscovery
raise Exception(response.status_code)
Exception: 403
<Response [403]>
Here is a screen shot taken from Postman that offer an odd CSRF error:
<!doctype html><html><head><meta http-equiv="content-type" content="text/html; charset=utf-8"><meta charset="utf-8" /><title> - APIC - Enterprise Module</title><meta name="viewport" content="width=device-width, initial-scale=1"><meta name="theme-color" content="#28cdc1"><link href="https://community.cisco.com/fonts/font-awesome-4.5.0/css/font-awesome.min.css" rel="stylesheet"><link rel="stylesheet" href="https://community.cisco.com/core/css/common.css" /><script type="text/javascript" src="/libs/socketio.js"></script><script type="text/javascript" src="/core/requirejsAdmin.js"></script><script type="text/javascript" src="/libs/apic-em.js"></script></head><body>
<!doctype html><html><head><meta charset="utf-8" /><title>Error</title></head><body><h1>invalid csrf token</h1><h2></h2><pre></pre></body></html></body>
</body></html><script type="text/javascript" nonce="">
window.appcontext = {
name: "",
uuid: ""
};
window.GRAPEVINE_API_URL_PREFIX = "/apic/grapevine/api";
window.API_URL_PREFIX = "/apic/api/v1";
window.API_URL_PREFIX_V0 = "/apic/api/v0";
window.CSRF = "";
</script>
Solved! Go to Solution.
01-18-2018 03:18 PM
Hi Nicholas,
did you mean to use https://pnp.ssg.petsmart.com/api/v1/discovery (with a "y")?
The correct URL is '/discovery' not '/discover'
Adam
01-18-2018 03:18 PM
Hi Nicholas,
did you mean to use https://pnp.ssg.petsmart.com/api/v1/discovery (with a "y")?
The correct URL is '/discovery' not '/discover'
Adam
01-19-2018 08:36 AM
Oh my goodness. i have been staring at code for a week now and even rebooted my APIC server. Yup, that was it. I must have left the "y" off when i copied the URL.
Thank you so very much.
https://pnp.ssg.petsmart.com/api/v1/discovery
{'content-type': 'application/json', 'x-auth-token': 'ST-8334-BeSb0pvrb5rFFUg1PcaS-cas'}
C:\Program Files (x86)\Python36-32\lib\site-packages\urllib3\connectionpool.py:858: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings
InsecureRequestWarning)
<Response [202]>
C:\Program Files (x86)\Python36-32\lib\site-packages\urllib3\connectionpool.py:858: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings
InsecureRequestWarning)
Discovery Task Successfully Initiated
Process finished with exit code 0
01-19-2018 08:38 AM
Can you comment again so that i can click "correct answer".
01-19-2018 10:37 AM
Hi Nicholas,
we have all done that before. The forums are here to help.
Glad it was a quick fix.
I actually recognised the payload from Postman from my <many> fat fingerings of URL...
Adam
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:
This community is intended for developer topics around Data Center technology and products. If you are looking for a non-developer topic about Data Center, you might find additional information in the Data Center and Cloud community