SWAGGER authentication

General
1

I'm using SWAGGER for an API integration, before I do anything I have to do an authentication using my X-API-Key. I tired to using the http request node, but no sucsess. In the debug node I get this:
{
"message" : "X-Api-Key either is not specified or is not correct",
"errors" : ,
"messageId" : "fa11dfd1-1953-4438-9133-f6c288ea795f"
}

First I tired with bearer authentication as it gives me the option to add the token. But getting the same error.

Once I could go through this, I will hit the wall with the second problem,
I have to login as a user using the curl below:

curl -X 'POST' \
  'https://api.websiteaddress/api/login' \
  -H 'accept: application/json' \
  -H 'X-Api-Key: myappikey' \
  -H 'Content-Type: application/json' \
  -d '{
  "login": "email@email.com",
  "passwordHash": "password",
  "userRole": "USER"
}'

What node should be used for this? THANKS

2

The HTTP Request node can be used to make... http requests.

You can pass the node a msg.headers property that contains the HTTP headers to include in the request, and msg.payload will be sent as the body of the request.

Assuming the response contains the appropriate content-type header, the resulting msg.payload will be the JSON parsed into a JavaScript object.

You can see some more examples of the node in the Node-RED cookbook: Set a request header : Node-RED

1 Like
3

You have to add the X-Api-key as a header.
You can do so in the http request node.
Or feed in msg.headers["X-Api-key"] set to your api.
Can you supply the first curl, and a flow example of what you have tried.

How to import/export a flow

In order to make code readable and usable it is necessary to surround your code with three backticks (also known as a left quote or backquote ```)

``` 
   code goes here 
```

You can edit and correct your post by clicking the pencil :pencil2: icon.

See this post for more details - How to share code or flow json

4

Hi, Thanks for the reply, THis is my current flow after reading your comment:

[
    {
        "id": "7acd6eaac711c281",
        "type": "http request",
        "z": "737a0b03786cc867",
        "name": "",
        "method": "POST",
        "ret": "obj",
        "paytoqs": "query",
        "url": "https://api.ajax.systems/api/login",
        "tls": "",
        "persist": false,
        "proxy": "",
        "insecureHTTPParser": false,
        "authType": "",
        "senderr": false,
        "headers": [
            {
                "keyType": "msg",
                "keyValue": "header",
                "valueType": "other",
                "valueValue": "APIKEYHERE"
            },
            {
                "keyType": "Accept",
                "keyValue": "",
                "valueType": "other",
                "valueValue": "application/json"
            },
            {
                "keyType": "Content-Type",
                "keyValue": "",
                "valueType": "other",
                "valueValue": "application/json"
            }
        ],
        "x": 370,
        "y": 260,
        "wires": [
            [
                "20f8935d22eb37c0"
            ]
        ]
    },
    {
        "id": "20f8935d22eb37c0",
        "type": "debug",
        "z": "737a0b03786cc867",
        "name": "API 1",
        "active": true,
        "tosidebar": true,
        "console": false,
        "tostatus": false,
        "complete": "payload",
        "targetType": "msg",
        "statusVal": "",
        "statusType": "auto",
        "x": 630,
        "y": 260,
        "wires": []
    },
    {
        "id": "8636a146bd6c0f64",
        "type": "inject",
        "z": "737a0b03786cc867",
        "name": "",
        "props": [],
        "repeat": "",
        "crontab": "",
        "once": false,
        "onceDelay": 0.1,
        "topic": "",
        "x": 110,
        "y": 260,
        "wires": [
            [
                "7acd6eaac711c281"
            ]
        ]
    }
]

And this is the debug output:

{"message":"X-Api-Key either is not specified or is not correct","errors":[],"messageId":"4b4bc25e-7619-4316-894c-091ce8bc95a1"}

This is the curl code:

curl -X 'POST' \
  'https://api.ajax.systems/api/login' \
  -H 'accept: application/json' \
  -H 'X-Api-Key: apikey \
  -H 'Content-Type: application/json' \
  -d '{
  "login": "email@email.com",
  "passwordHash": "PASSWORD",
  "userRole": "USER"
}'

what is -d means, how can I add ed to the header?

5

-d. is the data to send. This should be your msg.payload. -H are the headers

6

I see, thanks,
How add this to the header, by select msg. ?

This is how it looks now:

[
    {
        "id": "7acd6eaac711c281",
        "type": "http request",
        "z": "737a0b03786cc867",
        "name": "",
        "method": "POST",
        "ret": "txt",
        "paytoqs": "query",
        "url": "https://api.ajax.systems/api/login",
        "tls": "be199a43a6831095",
        "persist": false,
        "proxy": "",
        "insecureHTTPParser": false,
        "authType": "",
        "senderr": false,
        "headers": [
            {
                "keyType": "Accept",
                "keyValue": "",
                "valueType": "other",
                "valueValue": "application/json"
            },
            {
                "keyType": "msg",
                "keyValue": "header",
                "valueType": "other",
                "valueValue": "APIKEY"
            },
            {
                "keyType": "Content-Type",
                "keyValue": "",
                "valueType": "other",
                "valueValue": "application/json"
            },
            {
                "keyType": "msg",
                "keyValue": ".payload",
                "valueType": "other",
                "valueValue": "'{   \"login\": \"email@email.com\",   \"passwordHash\": \"PASSWORD",   \"userRole\": \"USER\" }'"
            }
        ],
        "x": 370,
        "y": 260,
        "wires": [
            [
                "20f8935d22eb37c0"
            ]
        ]
    },
    {
        "id": "be199a43a6831095",
        "type": "tls-config",
        "name": "",
        "cert": "",
        "key": "",
        "ca": "",
        "certname": "",
        "keyname": "",
        "caname": "",
        "servername": "",
        "verifyservercert": true,
        "alpnprotocol": ""
    }
]

I have a feeling it is not correct, and I still getting the same in the debug.

7

I am confused is that not your second curl, do you not need to get authorisation first. Do you have a curl for that

But here is an example

[{"id":"0c64195527255170","type":"inject","z":"d1395164b4eec73e","name":"","props":[{"p":"payload"}],"repeat":"","crontab":"","once":false,"onceDelay":0.1,"topic":"","payload":"{\"login\":\"email@email.com\",\"passwordHash\":\"password\",\"userRole\":\"USER\"}","payloadType":"json","x":190,"y":1360,"wires":[["ab1d677a7b42d6ad"]]},{"id":"ab1d677a7b42d6ad","type":"http request","z":"d1395164b4eec73e","name":"","method":"POST","ret":"obj","paytoqs":"ignore","url":"https://api.websiteaddress/api/login","tls":"","persist":false,"proxy":"","insecureHTTPParser":false,"authType":"","senderr":false,"headers":[{"keyType":"other","keyValue":"X-Api-Key:","valueType":"other","valueValue":"your api ley"},{"keyType":"Content-Type","keyValue":"","valueType":"application/json","valueValue":""},{"keyType":"Accept","keyValue":"","valueType":"application/json","valueValue":""}],"credentials":{"user":"","password":""},"x":350,"y":1340,"wires":[["c0decdbab911895e"]]},{"id":"c0decdbab911895e","type":"debug","z":"d1395164b4eec73e","name":"debug 2456","active":true,"tosidebar":true,"console":false,"tostatus":false,"complete":"false","statusVal":"","statusType":"auto","x":510,"y":1340,"wires":[]}]

The -d is the data and is passed in msg.payload, i have put it in the inject node.

[edit] if you pass msg.headers then it is automatically picked up by the http request node.

8

Hi,
I appriciate your help, no I'm confused there as well. on the swagger site if I want to test the API first I need an authentication wih the API key, once its done, I can manually add the log in parameters, and it gives me the curl, and the response body .

I tired your flow, it is getting somewhere. This is the debug

RequestError: Header name must be a valid HTTP token ["X-Api-Key:"] : https://api.ajax.systems/api/login

Could it be because the web address is HTTPS not HTTP?

9

No, the error says the x-api-key is not valid, in my flow example there is no valid token, as i do not Know your token.

Best you supply the the documentation of the swagger site.

But guessing from your posts so far I think you need to send a request to with your api key to receive a valid authentication token, you would then use that token to make further requests. But this is all guess work without documentation.

10

Yes this is exactly the case, good guess. I need a API KEY, I put it in in your flow ( and works fine on the swagger site, so it is correct) after this uthentication the response will be a session token, and for the rest of the call I need that seassion token, but I can't get through the API KEY issues, I dont know why it says incorrect.

11

Hi Mate,
It works, the issue was that there was a : after the API-KEY, so it added the : to the key as a characther.

You helpled me a lot, thank you let me know if I can compensate you in any way!!

Here is the final flow if someone needs it:

[
    {
        "id": "0c64195527255170",
        "type": "inject",
        "z": "737a0b03786cc867",
        "name": "",
        "props": [
            {
                "p": "payload"
            }
        ],
        "repeat": "",
        "crontab": "",
        "once": false,
        "onceDelay": 0.1,
        "topic": "",
        "payload": "{\"login\":\"email@mail.com\",\"passwordHash\":\"PASSWORDHERE\",\"userRole\":\"USER\"}",
        "payloadType": "json",
        "x": 170,
        "y": 580,
        "wires": [
            [
                "ab1d677a7b42d6ad"
            ]
        ]
    },
    {
        "id": "ab1d677a7b42d6ad",
        "type": "http request",
        "z": "737a0b03786cc867",
        "name": "",
        "method": "POST",
        "ret": "obj",
        "paytoqs": "ignore",
        "url": "https://api.ajax.systems/api/login",
        "tls": "be199a43a6831095",
        "persist": false,
        "proxy": "",
        "insecureHTTPParser": false,
        "authType": "bearer",
        "senderr": false,
        "headers": [
            {
                "keyType": "Accept",
                "keyValue": "",
                "valueType": "application/json",
                "valueValue": ""
            },
            {
                "keyType": "other",
                "keyValue": "X-Api-Key",
                "valueType": "other",
                "valueValue": "APIKEYHERE"
            },
            {
                "keyType": "Content-Type",
                "keyValue": "",
                "valueType": "application/json",
                "valueValue": ""
            }
        ],
        "x": 370,
        "y": 580,
        "wires": [
            [
                "c0decdbab911895e"
            ]
        ]
    },
    {
        "id": "c0decdbab911895e",
        "type": "debug",
        "z": "737a0b03786cc867",
        "name": "API3",
        "active": true,
        "tosidebar": true,
        "console": false,
        "tostatus": false,
        "complete": "payload",
        "targetType": "msg",
        "statusVal": "",
        "statusType": "auto",
        "x": 510,
        "y": 580,
        "wires": []
    },
    {
        "id": "be199a43a6831095",
        "type": "tls-config",
        "name": "",
        "cert": "",
        "key": "",
        "ca": "",
        "certname": "",
        "keyname": "",
        "caname": "",
        "servername": "",
        "verifyservercert": true,
        "alpnprotocol": ""
    }
]
12

There was no : after X-Api-key in my example flow.

13

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.