Question

Not able to Get or Post data in Creatio using api basic authentication of pass BPMCSRF key and value in Header

15:51 Apr 10, 2024

Hi Expert ,

I am trying to use Creatio api with basic authentication . I am following below links :

https://documenter.getpostman.com/view/10204500/SztHX5Qb#46f97170-d66d-…;

NotWorking in PostMan : As per documention it's not working in postman. Stored BPMCSRF value from Response Header Cookie of Token Request and call get api with BPMCSRF / ForceUseSession headers key with it's value .Removed cookies from get request. Send the the get request it's giving a html response without any error details.

Working in PostMan : In PostMan Send Token request then send get request (https://steuler.creatio.com/0/odata/Product?$top=1) without set any Header keys it's working fine. In this scenario i can see token request response header cookie values are sending bydefault by Postman in the get request.

NotWorking in Consol Application : As per 2nd scenario i am trying to send a Get api request with token generate Response header cookies values but it's showing html error without any error details

NotWorking in Consol Application : As per documentation Stored BPMCSRF value from Response Header Cookie of Token Request and call get api with BPMCSRF / ForceUseSession headers key with it's value .But showing html error without any error details.

i have attached my screen shots for reference.From my side any configuraration need to be changed Creation envionment for that my scenario Can you give me any proper documents which i can follow and will be worked ?

below is my console application code :

// Create HttpClient

using (HttpClient httpClient = new HttpClient())

{

// Create HttpRequestMessage

HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Get, @"https://steuler.creatio.com/0/odata/Product?$top=1");

// Set request headers

request.Headers.Add("Accept", "application/json");

request.Headers.Add("ForceUseSession", "true");

request.Headers.Add("BPMCSRF", "YtuvyS.WPYmW5BChY5anK.");

// Send the request

HttpResponseMessage response = httpClient.SendAsync(request).ConfigureAwait(false).GetAwaiter().GetResult();

// Check response status

if (response.IsSuccessStatusCode)

{

string responseData = response.Content.ReadAsStringAsync().ConfigureAwait(false).GetAwaiter().GetResult();

}

}

Thanks and Regards

Surajit Kundu

2 comments

Ryan Farley

18:46 Apr 10, 2024

I don't see in your code the call to authenticate. I assume that you're previously calling /ServiceModel/AuthService.svc/Login somewhere to get the BPMCSRF value? See https://documenter.getpostman.com/view/10204500/SztHX5Qb#46f97170-d66d-…

Note, the BPMCSRF value doesn't last forever, so it does need to be a recently obtained value.

This article shows the complete steps for executing requests via Postman which might help: https://academy.creatio.com/docs/8.x/dev/development-on-creatio-platfor…

Ryan

Surajit kundu

20:44 Apr 11, 2024

Ryan Farley,

Thanks for your reply . Below is my token generation code from where i have taken cookies value for my 2nd request .Before i have not attached that token generation part as these is working fine. In postman it's working fine using Cookies based authentication.In my Console application i am sending all the Cookies (BPMLOADER, .ASPXAUTH, BPMCSRF, and UserName) as a Header Key and value in further requests to Creatio services that use cookie-based authentication but it's showing Html Error ?

static async Task<Dictionary<string, string>> TokenGenerateDictionary()

{

var headerCookies = new Dictionary<string, string>();

using (var client = new HttpClient())

{

client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));

using (var request = new HttpRequestMessage(HttpMethod.Post, @"https://steuler.creatio.com/ServiceModel/AuthService.svc/Login"))

{

request.Content = new StringContent($"{{\"UserName\":\"ram\",\"UserPassword\":\"abcd\"}}", Encoding.UTF8, "application/json");

var response = client.SendAsync(request).Result;

var responseString = await response.Content.ReadAsStringAsync();

JObject responseJson = JObject.Parse(responseString);

int code = (int)responseJson["Code"];

if (code == 0 && response.IsSuccessStatusCode)

{

foreach (string setCookieHeader in response.Headers.GetValues("set-cookie"))

{

string[] cookies = setCookieHeader.Split(';');

if (cookies.Length > 0)

{

string[] keyValue = cookies[0].Trim().Split('=');

if (keyValue.Length == 2)

{

string key = keyValue[0];

string value = keyValue[1];

if (!headerCookies.Keys.Contains(key))

headerCookies.Add(key, value);

}

}

}

}

}

}

return headerCookies;

}

Request Get Operation send cookies in Header Key :

var tokenHeaderCookiesData = TokenGenerateDictionary().ConfigureAwait(false).GetAwaiter().GetResult();

string requestUri = @"https://steuler.creatio.com/0/odata/Product?$top=1";

using (HttpClient httpClient = new HttpClient())

{

HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Get, requestUri);

foreach (string key in tokenHeaderCookiesData.Keys)

{

//BPMLOADER, .ASPXAUTH, BPMCSRF, and UserName

if (key== "BPMLOADER" || key == ".ASPXAUTH" || key == "BPMCSRF" || key == "UserName")

request.Headers.Add(key, tokenHeaderCookiesData[key]);

}

HttpResponseMessage response = httpClient.SendAsync(request).ConfigureAwait(false).GetAwaiter().GetResult();

string responseData = response.Content.ReadAsStringAsync().ConfigureAwait(false).GetAwaiter().GetResult();

}

Html Error Response with status OK:

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" culture="en-US">

<head><meta http-equiv="X-UA-Compatible" content="IE=Edge" /><meta name="fontiran.com:license" content="LAXSN" /><meta http-equiv="Content-Type" content="text/html; charset=utf-8" /><title>

   Creatio

</title>

   <style>

       .font-preload {

           position: absolute;

           opacity: 0;

       }

       .font-preload-open-sans {

           font-family: "Bpmonline Open Sans";

       }

       .font-preload-open-sans-light {

           font-family: "Bpmonline Open Sans Light";

       }

       .font-preload-open-sans-bold {

           font-family: "Bpmonline Open Sans Bold";

       }

   </style>

<script type="text/javascript" src="https://steuler.creatio.com//core/8dc3ccad339641a4ecd1ecb0b57f017d/Terr…"></script>

<script type="text/javascript" src="https://steuler.creatio.com/api/ClientScript/GenerateLoginScripts"></script>

<script type="text/javascript" src="https://steuler.creatio.com//core/057665f97324038f6c7c326b6734de6b/requ…" data-main="https://steuler.creatio.com//core/0fbfa51b1de27f89696f0f8d31da5f16/Terr…" async></script>

<script type="text/javascript"></script>

</head>

<body>

   <div class="font-preload">

       <span class="font-preload-open-sans">_</span>

       <span class="font-preload-open-sans-light">_</span>

       <span class="font-preload-open-sans-bold">_</span>

   </div>

   <form name="IndexForm" method="post" action="./NuiLogin.aspx?ReturnUrl=%2f0%2fodata%2fProduct%3f%24top%3d1&%24top=1" id="IndexForm">

<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="+mvmSAOrSFVSNU1VvvnnAv5lt45aMHGRIkN033uMqlv/X2Fn2421RrzZayJqLBBTzwEnVTCtLeOrFnkbGP1c32c1p4dJwgJeute2MMWvNkRY1wHA" />

Thanks

Surajit Kundu

Show all comments