Skip to main content

We are using the odata api to integrate our Thinkwise solution in our Devops Pipeline. Currently it's just a bunch of powershell scripts, but soon we'll be moving to a Devops Pipeline.

However the API is showing some strange behaviour when I call it from powershell. The first time I make the call below from Powershell it all works fine, but on subsequent calls I get a 403. If I wait some time, the issue seems to resolve itself, and I can make a single call again.

I don't have the same issue from Postman. I can do all the calls I want there. There are no entries in the indicium logs for the 403 either way.

 

Hello ​@Joey van Gentevoort,

My best guess is that you are running into the maximum number of sessions per user on the vsp_prod application in IAM. Do you have a max number of session configured?

IAM - Applications

This is pretty much the only cause that explains every aspect of the problem that you’re describing.

To sum up:

  • Indicium gives a 403 response when an application is requested by a user who already has the maximum number of sessions active.
  • You don’t experience this problem in Postman because it automatically handles cookies for you, which causes each request to be seen as the same session.
  • You do experience this issue in your PowerShell script because you’re not processing the Set-Cookie response headers and passing along these values in Cookie headers on the subsequent requests. This is probably also not very feasible because of the nature of your integration.

There are several solutions for this problem, but given your situation, the best one would be to exclude the user that you’re authenticating with in PowerShell from the Max. # sessions per account:
 

IAM - Users


I hope this helps.

Thanks ​@Vincent Doppenberg that was the answer I was looking for. I removed the max sessions in this case, because it wasn't that relevant for this application. Also, I didn't have the ‘Exclude from max. # sessions’ option? Is this a new feature in the 2024 IAM?

Is this a new feature in the 2024 IAM?

Not quite as new: 2023.2 | Thinkwise Documentation

Reply


Terms & ConditionsCookie settings