Query with getting JWT token, Headers and Body

Hi DCorey,

Thanks for your post! Per your questions:
(1)Please specify the request type as "application/x-www-form-urlencoded", with two parameters "scope=tenant_access&grant_type=client_credentials"

(2)This API uses standard Basic authentication, so you can either set the authentication username as your email, password as your password.

     Or, manually specify a request header "Authorization": "Basic {api_key}", where the {api_key} is the base64 encoded string of "{your_email}:{your_pwd}". For example, if your username is "[email protected]", password is "mypassword", the api_key should be "dXNlckBnbWFpbC5jb206bXlwYXNzd29yZA=="

Duo

Hi Duo

Thanks for reply :)

Error im getting now is

{"Invalid":"Scope or Grant Type invalid"}

So this is an error being returned by your systems I presume? If so that means I am at least getting a reponse from OneSpan even if error

As per your instruction above to use this  "scope=tenant_access&grant_type=client_credentials"  how do i frame this in the body 

eg

{

"scope=tenant_access&grant_type=client_credentials"

}

something like this?

Hi DCorey,

Which REST client are you using? Postman, SOAP UI, or Java/.NET REST code? 

Duo

Thanks for reply :)

I was trying to call the JWT within our automation software using a HTTP call, we use this to call JWTs internally, as well as to make POST and GET calls to other external organisations. I have attached an image example of this with a couple of fields filled out as an example of what we're working with 

I have SOAP UI, I can try getting JWT with that, can you add any guidance on endpoints in attached image?

Hi DCorey,

Thanks for the information! Will has corrected me that the request type should be "multipart/form-data" (from my testing, seems both urlencoded and form-data are accepted, but my example will be presented in form-data type).

Below screenshot shows you how to set up SOAP UI for this call:

(1)set Authorization header, or choose Basic authentication and supply username and pwd

(2)choose media type as "multipart/form-data" and check "Post QueryString"

(3)set two parameters as "QUERY" type, "METHOD" level

Just for your reference, the raw request could look similar to this:
 

POST https://gs.onespan.cloud/rpoc-saa/oauth/token HTTP/1.1
Accept-Encoding: gzip,deflate
User-Agent: qeqeqw
Authorization: Basic aGFyaXxxxxVDRjUk
Content-Type: multipart/form-data; boundary="----=_Part_2_1833548525.1629303270500"
MIME-Version: 1.0
Content-Length: 417
Host: gs.onespan.cloud
Connection: Keep-Alive

------=_Part_2_1833548525.1629303270500
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Content-Disposition: form-data; name="scope"

tenant_access
------=_Part_2_1833548525.1629303270500
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Content-Disposition: form-data; name="grant_type"

client_credentials
------=_Part_2_1833548525.1629303270500--
 

Duo

Hi Duo

I have set up as per image but am getting error message as per bottom of image "Error getting response..."

I've also included raw request below image

from your raw data in above post, I see you have User_Agent, Content-Length, Host and Connection which i don't have below, and you don't have any headers, are these fields returned in the raw request when the call is successful?

here is my raw request

POST https://gs.onespan.cloud/rpoc-saa/oauth/token HTTP/1.1
Accept-Encoding: gzip,deflate
Authorization: Basic ZGlXXxxxxBV 
Content-Type: multipart/form-data; boundary="----=_Part_26_5280363.1629372397358"
MIME-Version: 1.0

------=_Part_26_5280363.1629372397358
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Content-Disposition: form-data; name="scope"

tenant_access
------=_Part_26_5280363.1629372397358
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Content-Disposition: form-data; name="grant_type"

client_credentials
------=_Part_26_5280363.1629372397358--
 

a

Hi DCorey,

From the error message in your screenshot "Error getting response; java.net.UnknownHostException: gs.onespan.cloud", it sounds like to be related to the "Host" property in your request header. Normally the REST client would automatically calculate the Content-Length, User-Agent, and Host, not sure why it doesn't in your SOAP UI installation. Anyways, could you manually set a request header "Host: gs.onespan.cloud" and see if this resolves the error message?

Duo

Hi, same error unfortunately

POST https://gs.onespan.cloud/rpoc-saa/oauth/token HTTP/1.1
Accept-Encoding: gzip,deflate
Authorization: Basic ZGlxxxxBV
Content-Type: multipart/form-data; boundary="----=_Part_46_7581591.1629381257168"
MIME-Version: 1.0
Host: gs.onespan.cloud

------=_Part_46_7581591.1629381257168
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Content-Disposition: form-data; name="scope"

tenant_access
------=_Part_46_7581591.1629381257168
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Content-Disposition: form-data; name="grant_type"

client_credentials
------=_Part_46_7581591.1629381257168--
 

I see, still the same error "java.net.UnknownHostException", thus another guess is your machine or SOAP UI can't get an IP address for the host name "gs.onespan.cloud" or the URL was blocked by your IT's security policy. Do you need to specify extra proxy settings when testing via Blue Prism? Could you by any chance compose the same request body in Blue Prism, or try with another REST client?

Duo

Hi Duo

Got it to return the JWT token using Postman :)

I think Soap UI was having issues using our proxy like you suggested, the proxy works totally fine with PM, thanks again!