Error: Cannot login via API directly

When trying to Retrieve auth token via API:

curl --location 'https://api.openconceptlab.org/users/login/' \
--header 'Content-Type: application/json' \
--data '{
    "username": "uuuuu",
    "password": "ppppp"
}'

I got the follwowing response (400 Bad Request):

{
    "error": [
        "Single Sign On is enabled in this environment. Cannot login via API directly."
    ]
}

And when trying to Create a new concept in my demo source (Using Bearer Token or OAuth 2.0, and the API Token from my Profile):

curl --location 'https://api.openconceptlab.org/users/forest/sources/MyDemoSource/concepts/' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer ***' \
--data '{
    "id": "12845003",
    "external_id": "12845003",
    "concept_class": "Laboratory Procedure",
    "datatype": "N/A",
    "names": [
        {
            "name": "Malaria smear",
            "external_id": "14",
            "locale": "en",
            "locale_preferred": "true",
            "name_type": "Designated Preferred Name"
        }
    ]
}'

I got the follwowing response (401 Unauthorized):

{
    "detail": "Token verification failed"
}

The response when no auth provided (401 Unauthorized):

{
    "detail": "Authentication credentials were not provided."
}

@sny Can you help with this?

1 Like

Thank you very much, @jamlung .

@forest Once you login via TermBrowser, you should go to your profile and there you will see an option of Copying API Token. Use that in API as “Token *****”

Yes, it’s exactly what I did. But why is the token not working?

  1. The request that you have added has “Bearer” in it, can you change it to “Token” – “Token XXXXX”
  2. Also can you tell how long is your token?

In Postman:


Failed Cases:
When Using Bearer Token for Authorization with ‘Bearer’ as Header Prefix

curl --location 'https://api.openconceptlab.org/users/forest/sources/MyDemoSource/concepts/' \
--header 'Content-Type: application/json' \
--header 'Authorization: XXXXXXXX' \
--data '{ ...}'

When Using OAuth 2.0 for Authorization

curl --location 'https://api.openconceptlab.org/users/forest/sources/MyDemoSource/concepts/' \
--header 'Content-Type: application/json' \
--header 'Authorization: XXXXXXXX' \
--data '{ ...}'

Working Case:
When Using OAuth 2.0 for Authorization with ‘Token’ as Header Prefix

curl --location 'https://api.openconceptlab.org/users/forest/sources/MyDemoSource/concepts/' \
--header 'Content-Type: application/json' \
--header 'Authorization: XXXXXXXX' \
--data '{ ...}'


That is to say, the value of the key Authorization should be **Token** XXXXXX rather than **Bearer** XXXXXX (default prefix).

The API Token length is 40 characters.


My question is solved now!

Thank you so much, @Sny and @jamlung

1 Like