Expand my Community achievements bar.

SOLVED

Getting Error "Api Key is invalid"

Avatar

Level 2
Level 2
10/1/21 12:56:46 PM

I am trying to do some api calls to assign users to groups. It looks like I successfully get the access token, but when I run the following call, I get the error.

 

 

curl -X POST -H "Content-type: application/json" -H "Accept: application/json" -H "x-api-key: ${api_key}" -H "Authorization: Bearer ${access_token}" https://usermanagement.adobe.io/v2/usermanagement/action/${org_id}?testOnly=true

 

 

I get this error:

{"error_code":"403003","message":"Api Key is invalid"}

 

This one is successful which makes me think my api key and access token are good:

 

 

curl -X GET -H "Authorization: Bearer ${access_token}" "https://ims-na1.adobelogin.com/ims/userinfo/v2?client_id=${api_key}"

 

 

 

Here's the payload I'm using for my JWT:

 

 

{
	"exp":${expiration},
	"iss":"${org_id}",
	"sub":"${tech_acct}",
	"aud":"https://ims-na1.adobelogin.com/c/${api_key}",
	"https://ims-na1.adobelogin.com/s/ent_adobeio_sdk":true
}

 

 

I think I have the correct metascope, but I'm not positive.

 

 

Ultimately, I want to use these:

#get list of all users

 

 

curl -X GET -H "Content-type: application/json" -H "Accept: application/json" -H "x-api-key: ${api_key}" -H "Authorization: Bearer ${access_token}" https://usermanagement.adobe.io/v2/usermanagement/users/${org_id}

 

 

 

#assign users to group

 

 

json='{
  "usergroup": "GROUPNAME",
  "do": [
      {
        "add": {
         "user": [
           "user1@myCompany.com"
         ]
        } 
      }
  ]
}'
curl -X POST -H "Content-type: application/json" -H "Accept: application/json" -H "x-api-key: ${api_key}" -H "Authorization: Bearer ${access_token}" https://usermanagement.adobe.io/v2/action/${org_id} -d "${json}"

 

 

 
Does anyone have an insight as to what the actual issue is? 

 

Topics

Topics help categorize Community content and increase your ability to discover relevant content.

Developer Console

Views

3.9K

Replies

4
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Level 2
Level 2
10/4/21 12:33:13 PM

I got it figured out. I was using the I/O Management API and not the User Management API. I also was using the ent_adobeio_sdk metascope and not the ent_user_sdk metascope. Once I got them switched out, it all started working.

View solution in original post

Views

3.9K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
4 Replies

Avatar

Community Advisor
Community Advisor
10/2/21 6:09:03 PM

@lreagor 

I would check the documentation for the specific API service for which you’re hitting authenticated endpoints to find what other parameters are expected. Most of them need an x-api-key, which will be the same as your client_id.

some useful links:

https://github.com/AdobeDocs/adobeio-auth/blob/stage/AuthenticationOverview/ServiceAccountIntegratio... 

Views

3.9K

Replies

1
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 2
Level 2
10/4/21 5:39:41 AM
In response to Asheesh_Pandey

@Asheesh_Pandey Thanks. I'm digging for anything I can find about it. The necessary parameters are all there. I just can't figure out what the Invalid API Key message is about, when the Key I'm using is directly from my project.

 

I've found another post with the same issue, but no real solution was posted. 
https://experienceleaguecommunities.adobe.com/t5/adobe-target-discussions/adobe-target-admin-api-err...

 

I just wanted to see if the community had any answers before I went to Adobe Support.

Views

3.9K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 2
Level 2
10/4/21 6:38:47 AM

If I turn on verbose mode for curl, I see that it's an HTTP 403 Forbidden error.

 

< HTTP/1.1 403 Forbidden
< Server: openresty
< Date: Mon, 04 Oct 2021 13:33:45 GMT
< Content-Type: application/json
< Transfer-Encoding: chunked
< Connection: keep-alive
< Access-Control-Allow-Credentials: true
< Access-Control-Allow-Headers: X-Requested-With, Origin, Content-Type, Accept, Accept-Language, Authorization, If-Modified-Since, X-Api-Key
< Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, PATCH

I found in the docs where the 403 Forbidden can mean any of these:

 

 

403 Forbidden

Possible causes are:

Missing API key.
The organization is currently migrating. Either from DMA or to One Console.
API key is not permitted access.

So, my guess is that the API key is not permitted access.

That leads me to ask, how do I get access to the UMAPI?

 

 

 

Views

3.9K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Correct answer by
Level 2
Level 2
10/4/21 12:33:13 PM

I got it figured out. I was using the I/O Management API and not the User Management API. I also was using the ent_adobeio_sdk metascope and not the ent_user_sdk metascope. Once I got them switched out, it all started working.

Views

3.9K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
Related Conversations
500 Error when editing Project Solved

Views

109

Likes

0

Replies

5
Accessing Frame.io API Solved

Views

132

Likes

0

Replies

3
is this possible to set margin of pdf during generate pdf from html to pdf

Views

49

Likes

0

Replies

1
OAuth2 Application generates Access Token but gives 401 when trying to consume Workfront Planning APIs

Views

67

Likes

0

Replies

0
Is mangento 2 support module excluding from js bundling (like stripe)

Views

48

Likes

0

Replies

0