Solved

Odata OpenAPI

  • 10 October 2023
  • 7 replies
  • 90 views
M
Rank
Userlevel 1
Badge

Good Morning,

I am working on setting up an API so that a relationship of ours can retrieve selected data using the openAPI.

I created a JSON file from Thinkwise and imported it into Postman. The columns to which the group is entitled are only shown, which is good.

However, when I execute the "Get" request in Postman I do not get any values back. But if I use the identical URL in Google, I can retrieve the data.

Is there possibly an explanation for this or how to fix this?


Kind Regards, 

Marlo Veldkamp

icon

Best answer by Mark Jongeling 11 October 2023, 14:28

View original
This topic has been closed for comments

7 replies

Mark Jongeling
Rank
Userlevel 7
Badge +23

Hi Marlo,

Are you not receiving any data or is there an error occuring? Authentication is one thing that comes to mind. Could you share a screenshot of the request you are doing and the response after? Please blur any information that is potentially confidential.

On holiday May 6 - May 31
M
Rank
Userlevel 1
Badge

The request has status 200 OK, but now value are showing.

However, I'm getting the error ‘Unable to verify the first certificate’ in Postman


But when entering the URL in google I'm receiving data. 

 

Mark Jongeling
Rank
Userlevel 7
Badge +23

It is possible that Cookies are the troublemakers here. Postman likes to hold on to cookies which can result in a discrepancy between expectation and result. You can try to clear all cookies and retry.

Also, the authentication could be different from when you perform the GET request in the browser thus performing the request under a different user, and maybe a user with less rights to the data. 

Hope this helps!

On holiday May 6 - May 31
M
Rank
Userlevel 1
Badge

By Clearing the cookies I can now see the data in Postman, with my own account (has full rights in Thinkwise (TW)))
But the aurtorisation rights for the API account are incorrect as they no longer show the data. 

I've given that account read only rights for certain tables, and it should also see the data in these tables for the company ID that the account has rights to.
But there something went wrong as it is now not able to see any data. 

we have a User table in which we link company to the account.

As you can see below I have linked the specific company to the API test account.

I'm not completely sure if this would also work for the API, to only have right to the data of this company. 

Furthermore in the SF: Access Control > Model rights > Tables (Company) > Prefilter, I've the follow settings check. before I didn't have Always on Checked on. but then It would show all the data, all the companys in the tables. 

Do you perhaps have a hint what I have to change to give the account only the rights to see the data for the specific company.

 

 

 

Mark Jongeling
Rank
Userlevel 7
Badge +23

Assuming your are testing via the IAM metasource, once you have synchronized the roles and prefilters to IAM and the application is active, the API endpoints open up for it. The "Always on” will make sure the prefilter is enforced when interacting with Indicium and obtaining data for that table. It does require the "Visible” checkbox to be also checked. However, since it is Always on, the prefilter will not be shown to the user. Assuming the prefilter is functioning as intended, the table data should be filtered.

So, I think you only need to set Visible to be True and synchronize, then try again (after clering the cookies)

On holiday May 6 - May 31
M
Rank
Userlevel 1
Badge

I've checked the “visble” checkbox and synched the roles to the IAM. However, there is still something wrong, as there is still no data visible for the test account with restricted rights.

The prefilter works for as intended for user in the producntion application. If we assign a certain company, the user can only see the data of that company. I assumed this would also work in the same manner for the API account. Or am I wrong on that part?

 

I'll be at the TEC to work on Thinkwise, hopefully someone from Thinkwise has so time to give some assistance on what might be going wrong.
 

Mark Jongeling
Rank
Userlevel 7
Badge +23

I assumed this would also work in the same manner for the API account. Or am I wrong on that part?

The Universal GUI basically does API calls to Indicium, so there is no difference between the data set returned via the API and visible in the GUI. Hopefully you can find the answer in TEC indeed, I'm sure it's something small we’re overlooking 😄

On holiday May 6 - May 31
Terms & ConditionsCookie settings