Error: Cannot login via API directly

forest · April 1, 2025, 7:07am

When trying to Retrieve auth token via API:

curl --location 'https://api.openconceptlab.org/users/login/' \
--header 'Content-Type: application/json' \
--data '{
    "username": "uuuuu",
    "password": "ppppp"
}'

I got the follwowing response (400 Bad Request):

{
    "error": [
        "Single Sign On is enabled in this environment. Cannot login via API directly."
    ]
}

forest · April 1, 2025, 7:12am

And when trying to Create a new concept in my demo source (Using Bearer Token or OAuth 2.0, and the API Token from my Profile):

curl --location 'https://api.openconceptlab.org/users/forest/sources/MyDemoSource/concepts/' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer ***' \
--data '{
    "id": "12845003",
    "external_id": "12845003",
    "concept_class": "Laboratory Procedure",
    "datatype": "N/A",
    "names": [
        {
            "name": "Malaria smear",
            "external_id": "14",
            "locale": "en",
            "locale_preferred": "true",
            "name_type": "Designated Preferred Name"
        }
    ]
}'

I got the follwowing response (401 Unauthorized):

{
    "detail": "Token verification failed"
}

The response when no auth provided (401 Unauthorized):

{
    "detail": "Authentication credentials were not provided."
}

jamlung · April 1, 2025, 3:12pm

@sny Can you help with this?

forest · April 1, 2025, 10:17pm

Thank you very much, @jamlung .

Sny · April 2, 2025, 2:59am

@forest Once you login via TermBrowser, you should go to your profile and there you will see an option of Copying API Token. Use that in API as “Token *****”

forest · April 2, 2025, 5:58am

Yes, it’s exactly what I did. But why is the token not working?

Sny · April 2, 2025, 6:53am

The request that you have added has “Bearer” in it, can you change it to “Token” – “Token XXXXX”
Also can you tell how long is your token?

forest · April 2, 2025, 7:18am

In Postman:

Failed Cases:
When Using Bearer Token for Authorization with ‘Bearer’ as Header Prefix

curl --location 'https://api.openconceptlab.org/users/forest/sources/MyDemoSource/concepts/' \
--header 'Content-Type: application/json' \
--header 'Authorization: XXXXXXXX' \
--data '{ ...}'

When Using OAuth 2.0 for Authorization

curl --location 'https://api.openconceptlab.org/users/forest/sources/MyDemoSource/concepts/' \
--header 'Content-Type: application/json' \
--header 'Authorization: XXXXXXXX' \
--data '{ ...}'

Working Case:
When Using OAuth 2.0 for Authorization with ‘Token’ as Header Prefix

curl --location 'https://api.openconceptlab.org/users/forest/sources/MyDemoSource/concepts/' \
--header 'Content-Type: application/json' \
--header 'Authorization: XXXXXXXX' \
--data '{ ...}'

That is to say, the value of the key Authorization should be **Token** XXXXXX rather than **Bearer** XXXXXX (default prefix).

The API Token length is 40 characters.

My question is solved now!

Thank you so much, @Sny and @jamlung