Question

Photo of Nelson Chan

0

Unable to get REST API Key working

I've went to the RockRMS demo site and got the "Presence" REST Key of "C5E93131DC7848B7AF9C5EA71F821ACB" I have been unable to get this key to work. I have added an HTTP Request header "authorization-token" with value of "C5E93131DC7848B7AF9C5EA71F821ACB" and it still gives me 401 error.

I've only found a basic PPT at https://www.rockrms.com/GetFile.ashx?Id=9985

I've even looked at the source code and there doesn't seem to be anything out of the ordinary.

https://github.com/SparkDevNetwork/Rock/blob/1dc11be324c250c6f4ea1c9a82532df15dfceb80/Rock.Rest/Filters/AuthenticateAttribute.cs

Although I couldn't tell if the headers are case sensitive.  Since Rock is using standard built-in function they shouldn't be case sensitive.

Anyone know how to get the REST API to function with the authorization-code?  This should have been a standard thing to get to work but it's been a whole day... I'm just not sure what's wrong what with what I'm doing.

Capture2.PNG

  • Photo of Nelson Chan

    1

    In addition to adding the KEY in Security -> REST Keys, you also then need to copy this key, and add it as part of an account to set the security in the Security -> User Accounts section.

    Untitled.png


    I've gotten this API Key to function for the demo site now.

    API Working.PNG


  • Photo of Integrations Team

    0

    In addition, you'll need to set a password when adding the Authorization-Token as a User Name for the user in the User > Profile > Security > User Account List.

    login.png


    However, after setting the login, I was still getting 401 Unauthorized with the following curl command.

    curl -X GET 'https://rock.rocksolidchurchdemo.com/api/Workflows' --header 'Accept: application/json'   --header 'Authorization-Token: C5E93131DC7848B7AF9C5EA71F821ACB'

    The Alisha Admin user seems to have enough permissions:

    security.png

    Is there another step to get this working?

  • Photo of Integrations Team

    0

    The steps to get this working from scratch are:

    1. Login as an administrator

    2. Create a Rest API key: Home > Security > REST Keys

    3. Edit the rest key you just created and note the rest ID in the URL. This is also a Person. (e.g. https://rock.rocksolidchurchdemo.com/admin/security/rest-keys/54)

    4. Go to the person's profile via the URL as they will not be searchable in the person directory (e.g. https://rock.rocksolidchurchdemo.com/person/54/security)

    5. Add them as a Staff Workers group member.

    6. Add the rest key as header Authorization-Token: <rest-key> to your API calls.

    See this chat for the nitty-gritty: https://chat.rockrms.com/channel/general?msg=TWsXpnxnGnDEFHRtQ

  • Photo of Jackson Uy

    0

    @Integrations Team,

    So you don't need to add a password to the user that you created a REST Key, right? All you need to do is to add the user to the Staff Workers group so it has access to the APIs, right?