Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1406
Views
7
Helpful
4
Replies

APIC-EM 1.6 discovery API using POST request returns a 403

Go to solution
n.dambrosio
Level 1
Level 1

‎01-18-2018 01:16 PM - edited ‎03-01-2019 04:42 AM

All,

I am having a problem running a python script that makes an API call to APIC-EM discoveries in order to build new discoveries to pull in new devices into APIC.

According the API documentation the a 403 error is this:

The server recognizes the authentication credentials, but the client is not authorized to perform this request.

The creds I am using are Internal users and set to Admin_Role with ALL.I don't see any other place add additional permissions to the users. Below is the script output from the python script.

https://pnp.ssg.petsmart.com/api/v1/discover

{'content-type': 'application/json', 'x-auth-token': 'ST-6621-fYkMLTtQRJTKddM7AWYm-cas'}

C:\Program Files (x86)\Python36-32\lib\site-packages\urllib3\connectionpool.py:858: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings

  InsecureRequestWarning)

Traceback (most recent call last):

  File "C:/Users/nd'ambrosio/Documents/Centralized Voice/PythonScript/windows/get-store-loc-hrs-audio-files-v2.py", line 242, in <module>

    startDiscovery(ip_range, controller, theTicket, store_num)

  File "C:/Users/nd'ambrosio/Documents/Centralized Voice/PythonScript/windows/get-store-loc-hrs-audio-files-v2.py", line 187, in startDiscovery

    raise Exception(response.status_code)

Exception: 403

<Response [403]>

Here is a screen shot taken from Postman that offer an odd CSRF error:

<!doctype html><html><head><meta http-equiv="content-type" content="text/html; charset=utf-8"><meta charset="utf-8" /><title> - APIC - Enterprise Module</title><meta name="viewport" content="width=device-width, initial-scale=1"><meta name="theme-color" content="#28cdc1"><link href="https://community.cisco.com/fonts/font-awesome-4.5.0/css/font-awesome.min.css" rel="stylesheet"><link rel="stylesheet" href="https://community.cisco.com/core/css/common.css" /><script type="text/javascript" src="/libs/socketio.js"></script><script type="text/javascript" src="/core/requirejsAdmin.js"></script><script type="text/javascript" src="/libs/apic-em.js"></script></head><body>

<!doctype html><html><head><meta charset="utf-8" /><title>Error</title></head><body><h1>invalid csrf token</h1><h2></h2><pre></pre></body></html></body>

</body></html><script type="text/javascript"  nonce="">

  window.appcontext = {

    name: "",

    uuid: ""

  };

  window.GRAPEVINE_API_URL_PREFIX = "/apic/grapevine/api";

  window.API_URL_PREFIX = "/apic/api/v1";

  window.API_URL_PREFIX_V0 = "/apic/api/v0";

  window.CSRF = "";

</script>

Labels:
1 Accepted Solution

Accepted Solutions

Go to solution
aradford
Cisco Employee
Cisco Employee

‎01-18-2018 03:18 PM

Hi Nicholas,

did you mean to use https://pnp.ssg.petsmart.com/api/v1/discovery (with a "y")?

The correct URL is '/discovery' not '/discover'

Adam

View solution in original post

0 Helpful
4 Replies 4

Go to solution
aradford
Cisco Employee
Cisco Employee

‎01-18-2018 03:18 PM

Hi Nicholas,

did you mean to use https://pnp.ssg.petsmart.com/api/v1/discovery (with a "y")?

The correct URL is '/discovery' not '/discover'

Adam

0 Helpful

Go to solution
n.dambrosio
Level 1
Level 1
In response to aradford

‎01-19-2018 08:36 AM

Oh my goodness. i have been staring at code for a week now and even rebooted my APIC server. Yup, that was it. I must have left the "y" off when i copied the URL.

Thank you so very much.

https://pnp.ssg.petsmart.com/api/v1/discovery

{'content-type': 'application/json', 'x-auth-token': 'ST-8334-BeSb0pvrb5rFFUg1PcaS-cas'}

C:\Program Files (x86)\Python36-32\lib\site-packages\urllib3\connectionpool.py:858: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings

  InsecureRequestWarning)

<Response [202]>

C:\Program Files (x86)\Python36-32\lib\site-packages\urllib3\connectionpool.py:858: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings

  InsecureRequestWarning)

Discovery Task Successfully Initiated

Process finished with exit code 0

Go to solution
n.dambrosio
Level 1
Level 1
In response to n.dambrosio

‎01-19-2018 08:38 AM

Can you comment again so that i can click "correct answer".

Go to solution
aradford
Cisco Employee
Cisco Employee
In response to n.dambrosio

‎01-19-2018 10:37 AM

Hi Nicholas,

we have all done that before.  The forums are here to help.

Glad it was a quick fix.

I actually recognised the payload from Postman from my <many> fat fingerings of URL...

Adam

0 Helpful
Customers Also Viewed These Support Documents