Unauthorized 401 error for CallBack Failure
Wednesday, March 6, 2024 at 10:08amWe have registered Callback Event Notification on OneSpan Sign Web UI and Key is getting gernerated correctly. However, I am receiving below error on email as OneSpan Sign Sadnbox access is assigned to me only.
We are able to generate the URL for NDA and storing on Opportunity object in Salesforce and we are receiving below errors -
Payload: {"@class":"com.silanis.esl.packages.event.ESLProcessEvent","name":"PACKAGE_ACTIVATE","sessionUser":"U5HU2N7UHN8U","packageId":"RzfsY9GOP_iZmQBOiZ3XKPBV9q8=","message":null,"documentId":null,"createdDate":"2024-03-05T21:27:58.590Z"}
Reason(s): status code: 401, reason phrase: 401: Unauthorized
Payload: {"@class":"com.silanis.esl.packages.event.ESLProcessEvent","name":"PACKAGE_CREATE","sessionUser":"U5HU2N7UHN8U","packageId":"RzfsY9GOP_iZmQBOiZ3XKPBV9q8=","message":null,"documentId":null,"createdDate":"2024-03-05T21:27:56.910Z"}
Reason(s): status code: 401, reason phrase: 401: Unauthorized
Could you please help to resolve this issue?
Thanks,
Ankit
Reply to: Unauthorized 401 error for CallBack Failure
Wednesday, March 6, 2024 at 10:52amHi Ankit,
Thanks for your post! If I understand your scenario correctly, you are integrating with OneSpan Sign Apex SDK from salesforce, and you want to monitor the callback events as well? If that's the case, have you followed my blog series on how to register an OAuth2 app in salesforce and configures OSS callback :
https://www.onespan.com/blog/onespan-sign-developers-oauth-event-notification-salesforce-part-1
https://www.onespan.com/blog/onespan-sign-developers-oauth-event-notification-salesforce-part-2
https://www.onespan.com/blog/onespan-sign-developers-oauth-event-notification-salesforce-part-3
Few noteworthy points I'd like to highlight:
(1)In Part2, it describes how to update the OneSpan Sign Callback service, it's not the callback you've specified in UI, please remove that from UI and follow the guide with a different API endpoint
(2)In order to trigger this callback versus the regular callback, you need to explictly set the “data” > “origin” : “OSS” in the transaction JSON. This could require you to modify the SDK source code a bit:
OneSpanAPIObjects.cls: line 244
public Data()
{
origin = 'OSS';
sdk = 'Apex v1.0';
}
Let me know how it works for you.
Duo
Reply to: Unauthorized 401 error for CallBack Failure
Thursday, March 7, 2024 at 05:44amHi Duo,
We have modified OneSpanAPIObjects class to change the Origin from Salesforce to OSS but for the first point that you mentioned when we are utilizing POST /api/callback with below payload:
Please note that we have generated Base64 Encoded Key using:
String inputString = '{"host": "test.salesforce.com","client_id": "3MxxxxY9.g==","refresh_token": "5AexxxxxxoK"}';
Blob binaryData = Blob.valueOf(inputString);
String base64String = EncodingUtil.base64Encode(binaryData);
system.debug('Base 64 - '+base64String);
{
"url": "https://xxxx.sandbox.my.salesforce.com/services/apexrest/OSS/callback",
"events": ["DOCUMENT_SIGNED","EMAIL_BOUNCE","KBA_FAILURE","PACKAGE_ACTIVATE","PACKAGE_ARCHIVE","PACKAGE_ATTACHMENT","PACKAGE_COMPLETE","PACKAGE_CREATE","PACKAGE_DEACTIVATE","PACKAGE_DECLINE","PACKAGE_DELETE","PACKAGE_EXPIRE","PACKAGE_OPT_OUT","PACKAGE_READY_FOR_COMPLETE","PACKAGE_RESTORE","PACKAGE_TRASH","ROLE_REASSIGN","SIGNER_COMPLETE","SIGNER_LOCKED","TEMPLATE_CREATE"],
"key": "eyJxxxxyJ9"
}
It registered successfully and added it on UI but we are still facing below error for each event notification:
URL:
Payload: {"@class":"com.silanis.esl.packages.event.ESLProcessEvent","name":"PACKAGE_CREATE","sessionUser":"U5HU2N7UHN8U","packageId":"2ZpiA7uVoxVWnn0XgEdfzLQpqDM=","message":null,"documentId":null,"createdDate":"2024-03-07T11:39:57.402Z"}
Reason(s): status code: 401, reason phrase: 401: Unauthorized
URL:
Payload: {"@class":"com.silanis.esl.packages.event.ESLProcessEvent","name":"PACKAGE_ACTIVATE","sessionUser":"U5HU2N7UHN8U","packageId":"2ZpiA7uVoxVWnn0XgEdfzLQpqDM=","message":null,"documentId":null,"createdDate":"2024-03-07T11:39:59.280Z"}
Reason(s): status code: 401, reason phrase: 401: Unauthorized
Thanks,
Ankit
Reply to: Unauthorized 401 error for CallBack Failure
Thursday, March 7, 2024 at 08:53amHi Ankit,
Are you developing with a US2 sandbox account with email of "[email protected]"? I've checked your account settings and seems the callback service wasn't registered successfully. I disabled your regular callback and enabled the connector callback for your account, can you try now and let me know if it works for you?
Duo
Reply to: Unauthorized 401 error for CallBack Failure
Thursday, March 7, 2024 at 04:00pmHi Duo,
I guess it is US2 Sandbox and email address is correct. I didn't check your response and hit the POST /api/callback one more time. This has added Callback URL and Key once again.
We have enabled the debug log and cleared the Callback URL and Key from UI. If you have enabled the callback connector for our account then how our rest API endpoint can listen to the callback events.
As event notification on Sandbox Integration UI is reset now. How would we test it if it works?
Thanks,
Ankit
Reply to: Unauthorized 401 error for CallBack Failure
Friday, March 8, 2024 at 08:46amHi Ankit,
Please use this GET call to double check your callback settings (instead of from UI):
GET /api/callback/connectors/salesforceOauth2
From what I can see, your account has been properly set up, please go ahead and create a transaction from APEX code and see if callback hits your listener.
Duo
Reply to: Unauthorized 401 error for CallBack Failure
Friday, March 8, 2024 at 10:14amHi Duo,
We have used API Endpoint methodGET /api/callback/connectors/salesforceOauth2 and it worked fine. Also enabled the debug log for Callback listener apex class and it worked.
Where did you enable for callback connector for our account?
Thanks,
Ankit
Reply to: Unauthorized 401 error for CallBack Failure
Friday, March 8, 2024 at 10:28amHi Ankit,
I did it from the backoffice, actually it should do the same as you invoke POST call, but it wasn't there when I checked your account. Let me test in my own account and let you know.
Dispite of that, when you go live to production, please reach out to support team directly ([email protected]) and ask to import the similar setup to your production account.
Duo
Reply to: Unauthorized 401 error for CallBack Failure
Friday, March 8, 2024 at 10:30amQuick update - the POST call to update connector callback service works for my Sandbox account.
Duo
Reply to: Unauthorized 401 error for CallBack Failure
Thursday, March 21, 2024 at 03:42pmHi Duo,
Thank you, all of your suggestion helped us to work in different Sandboxes. We went live yesterday, could you please help us to register the Callback for US1 PROD for [email protected] account?
Also, we registered callback in multiple sandboxes using Onespan Swagger - OneSpan Sign Sandbox | OneSpan Community Platform. How I can register it for Production environment?
Thanks,
Ankit
Reply to: Unauthorized 401 error for CallBack Failure
Friday, March 22, 2024 at 08:50amHi Ankit,
To set up Production account, please fill in an official support ticket ([email protected]) with your request.
To use swagger against production environment, you have to:
-either download the yaml file, modify the service URL, then load it in another swagger tool
-or use a REST API tool instead, like Postman
Because this can also be configured via backoffice, you can also ask our support agent to specify the settings for you.
Duo
Reply to: Unauthorized 401 error for CallBack Failure
Tuesday, March 26, 2024 at 02:14pmHi Duo,
We have reached out to OneSpan Support team and they confirmed that Callback is registered successfully for US1 PRD for [email protected] account. We are also able to receive 200 – OK response when working with GET /api/callback/connectors/salesforceOauth2 but it seems Callback is not registered with Onespan or some other issue.
We enabled the Debug Log for Callback Listener Apex Class as well and no logs generated for Apex Class. Customer will start signing NDA document from tomorrow. Could you please confirm if we are missing any steps or Configuration is pending for Prod?
Thanks,
Ankit