Unauthorized Access with new API

Hi,

I'm upgraded to 2022.2. I've got a couple of keys created on the auth page, however all my requests are failing. Can you advise what I might be doing wrong? Fails in Shortcuts, fails in curls.

Code: Select all

tornado@macpro:~ % curl -H "Authorization: Bearer XXXXX-be02-4ab0-a3e2-da8750745d99" https://me.indigodomo.net/v2/api/indigo.devices
Unauthorized Access%
tornado@macpro:~ % curl -H "Authorization: Bearer XXXXX-1567-46af-a2ae-e5a5da4a410d" https://me.indigodomo.net/v2/api/indigo.devices
Unauthorized Access%
tornado@macpro:~ % curl -H "Authorization: Bearer XXXXX-1567-46af-a2ae-e5a5da4a410d" https://me.indigodomo.net/v2/api/indigo.devices/1088510398
Unauthorized Access%

Thanks,
Joe

[matt (support)]

I assume you are actually using your real reflector name in the URL and not "me"?

Does the Event Log window show anything when you attempt the curl?

I am indeed using my real reflector name yes.

Here is the log for when I attempt it:

Code: Select all

   Web Server Warning              access denied for request /v2/api/indigo.devices from 71.227.150.218


[matt (support)]

Hmmm... I'm not sure what is going wrong. I just copy/pasted your exact curl examples from above and substituted my reflector name and API key and it worked. What version of curl are you using?

curl --version

I copied your first curl statement above, and using my API Key and reflector name, it worked on the first crack.

On Indigo server startup, my settings are:
- Enable secure internet access via Indigo Reflector
- Outgoing reflector port selection: Default
- Enable OAuth and API Key Authentication

Jinx Matt.

[matt (support)]

Good point about checking the Enable OAuth and API Key Authentication checkbox. I had forgotten about that.

Yep that was it! I didn't have Enable OAuth and API Key authentication turned on.

Thanks!