DCorey | Posts: 8

Query with getting JWT token, Headers and Body

0 votes

Hi

 

I'm starting the Rapid Proof Of Concept and am trying to get our automation software to return the JWT token using POST to https://gs.onespan.cloud/rpoc-saa/oauth/token

the body im sending looks like this, is this correct?

{
    "scope": "tenant_access",
    "grant_type": "client_credentials"
}

 

Also can you confirm how the Header should look, what fields it should have?

Should the header field Authorization have the username and password encoded as base64?

here are the instructions from your email

 

STEP 1:

  1. Get a JWT Token:
    1. Find generated password sent via this email to registration contact email address
    2. Send token request API to:
      1. POST https://gs.onespan.cloud/rpoc-saa/oauth/token
      2. Authorization: Basic Authentication (username = email, password = generated password)
      3. Body:
        1. scope = “tenant_access”
        2. grant_type = “client_credentials”
    3. Save token for all api calls from here in.

 

 

Thanks in advance


Duo_Liang | Posts: 3776

Reply to: Query with getting JWT token, Headers and Body

0 votes

Hi DCorey,

 

Thanks for your post! Per your questions:
(1)Please specify the request type as "application/x-www-form-urlencoded", with two parameters "scope=tenant_access&grant_type=client_credentials"

(2)This API uses standard Basic authentication, so you can either set the authentication username as your email, password as your password.

     Or, manually specify a request header "Authorization": "Basic {api_key}", where the {api_key} is the base64 encoded string of "{your_email}:{your_pwd}". For example, if your username is "[email protected]", password is "mypassword", the api_key should be "dXNlckBnbWFpbC5jb206bXlwYXNzd29yZA=="

 

Duo


DCorey | Posts: 8

Reply to:

0 votes

Hi Duo

 

Thanks for reply :)

Error im getting now is

{"Invalid":"Scope or Grant Type invalid"}

So this is an error being returned by your systems I presume? If so that means I am at least getting a reponse from OneSpan even if error

As per your instruction above to use this  "scope=tenant_access&grant_type=client_credentials"  how do i frame this in the body 

 

eg

{

"scope=tenant_access&grant_type=client_credentials"

}

 

something like this?


DCorey | Posts: 8

Reply to:

0 votes

Thanks for reply :)

I was trying to call the JWT within our automation software using a HTTP call, we use this to call JWTs internally, as well as to make POST and GET calls to other external organisations. I have attached an image example of this with a couple of fields filled out as an example of what we're working with 

 

I have SOAP UI, I can try getting JWT with that, can you add any guidance on endpoints in attached image?


Duo_Liang | Posts: 3776

Reply to:

0 votes

Hi DCorey,

 

Thanks for the information! Will has corrected me that the request type should be "multipart/form-data" (from my testing, seems both urlencoded and form-data are accepted, but my example will be presented in form-data type).

Below screenshot shows you how to set up SOAP UI for this call:
8-18-1

(1)set Authorization header, or choose Basic authentication and supply username and pwd

(2)choose media type as "multipart/form-data" and check "Post QueryString"

(3)set two parameters as "QUERY" type, "METHOD" level

 

Just for your reference, the raw request could look similar to this:
 

POST https://gs.onespan.cloud/rpoc-saa/oauth/token HTTP/1.1
Accept-Encoding: gzip,deflate
User-Agent: qeqeqw
Authorization: Basic aGFyaXxxxxVDRjUk
Content-Type: multipart/form-data; boundary="----=_Part_2_1833548525.1629303270500"
MIME-Version: 1.0
Content-Length: 417
Host: gs.onespan.cloud
Connection: Keep-Alive


------=_Part_2_1833548525.1629303270500
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Content-Disposition: form-data; name="scope"

tenant_access
------=_Part_2_1833548525.1629303270500
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Content-Disposition: form-data; name="grant_type"

client_credentials
------=_Part_2_1833548525.1629303270500--
 

 

Duo


DCorey | Posts: 8

Reply to: Query with getting JWT token, Headers and Body

0 votes

Hi Duo

I have set up as per image but am getting error message as per bottom of image "Error getting response..."

I've also included raw request below image

SOAP UI

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

from your raw data in above post, I see you have User_Agent, Content-Length, Host and Connection which i don't have below, and you don't have any headers, are these fields returned in the raw request when the call is successful?

 

here is my raw request

POST https://gs.onespan.cloud/rpoc-saa/oauth/token HTTP/1.1
Accept-Encoding: gzip,deflate
Authorization: Basic ZGlXXxxxxBV 
Content-Type: multipart/form-data; boundary="----=_Part_26_5280363.1629372397358"
MIME-Version: 1.0


------=_Part_26_5280363.1629372397358
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Content-Disposition: form-data; name="scope"

tenant_access
------=_Part_26_5280363.1629372397358
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Content-Disposition: form-data; name="grant_type"

client_credentials
------=_Part_26_5280363.1629372397358--
 

 

 

 

a


Duo_Liang | Posts: 3776

Reply to:

0 votes

Hi DCorey,

 

From the error message in your screenshot "Error getting response; java.net.UnknownHostException: gs.onespan.cloud", it sounds like to be related to the "Host" property in your request header. Normally the REST client would automatically calculate the Content-Length, User-Agent, and Host, not sure why it doesn't in your SOAP UI installation. Anyways, could you manually set a request header "Host: gs.onespan.cloud" and see if this resolves the error message?

 

Duo


DCorey | Posts: 8

Reply to: Query with getting JWT token, Headers and Body

0 votes

Hi, same error unfortunately

 

SOAP UI

POST https://gs.onespan.cloud/rpoc-saa/oauth/token HTTP/1.1
Accept-Encoding: gzip,deflate
Authorization: Basic ZGlxxxxBV
Content-Type: multipart/form-data; boundary="----=_Part_46_7581591.1629381257168"
MIME-Version: 1.0
Host: gs.onespan.cloud


------=_Part_46_7581591.1629381257168
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Content-Disposition: form-data; name="scope"

tenant_access
------=_Part_46_7581591.1629381257168
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Content-Disposition: form-data; name="grant_type"

client_credentials
------=_Part_46_7581591.1629381257168--
 

 

 

 

 


Duo_Liang | Posts: 3776

Reply to:

0 votes

I see, still the same error "java.net.UnknownHostException", thus another guess is your machine or SOAP UI can't get an IP address for the host name "gs.onespan.cloud" or the URL was blocked by your IT's security policy. Do you need to specify extra proxy settings when testing via Blue Prism? Could you by any chance compose the same request body in Blue Prism, or try with another REST client?

 

Duo


DCorey | Posts: 8

Reply to: Query with getting JWT token, Headers and Body

0 votes

Hi Duo

Got it to return the JWT token using Postman :)

I think Soap UI was having issues using our proxy like you suggested, the proxy works totally fine with PM, thanks again! 


Hello! Looks like you're enjoying the discussion, but haven't signed up for an account.

When you create an account, we remember exactly what you've read, so you always come right back where you left off