Support

Expand all | Collapse all

Unable to retrieve access token using rest/oauth/token endpoint

  • 1.  Unable to retrieve access token using rest/oauth/token endpoint

    Posted 11-14-2018 17:43
    Hi there,

    I'm unable to retrieve an access token for using the Jama REST API in a Python script. Here is my script so far:

    #!/usr/bin/python
    
    import requests
    
    _HTTP = "http://"
    _JAMA_REST_URL = "myjama.jamacloud.com/rest"
    _BASE_URL = _HTTP + _JAMA_REST_URL + "/latest/"
    _OAUTH_URL = _HTTP + _JAMA_REST_URL + "/oauth/token"
    
    _CLIENT_ID = 'myclientid'
    _CLIENT_SECRET = 'myclientsecret'
    
    data={'grant_type': 'client_credentials'}
    response = requests.post(_OAUTH_URL, data=data, auth=(_CLIENT_ID, _CLIENT_SECRET))
    
    print response.text
    ​

    Note that I've replaced the jamacloud paths and client id/secret as "myjama", "myclientid", and "myclientsecret", respectively.

    The output of this script is:

    $ python upload_test_results_to_jama.py
    <html><head><title>Error report</title></head><body><h1>HTTP Status 405 - Method Not Allowed</h1></body></html>

    Since the Jama instance that I work with uses SSO, I tried my best to follow the OAuth example in your docs listed here, but I was unable to retrieve an access token successfully.

    Are the docs out of date, or is some of my syntax incorrect?

    Thanks!

    ------------------------------
    Nick Cruz
    ------------------------------


  • 2.  RE: Unable to retrieve access token using rest/oauth/token endpoint

    Posted 11-14-2018 18:27
    Hi there, Nick again!

    I was able to figure this out! The two modifications I made was that I used https and also to ensure that the client id and secret were prepended before an @ symbol between https:// and the jamacloud URL.

    Here is my updated python script that simply prints out a JSON response similar to the one in the documentation:

    #!/usr/bin/python
    
    import requests
    
    _CLIENT_ID = 'myclientid'
    _CLIENT_SECRET = 'myclientsecret'
    
    _HTTPS = "https://"
    _JAMA_REST_URL = "myjama.jamacloud.com/rest"
    _BASE_URL = _HTTPS + _JAMA_REST_URL + "/latest/"
    _OAUTH_URL = "%s%s:%s@%s/oauth/token" % (_HTTPS,
                                             _CLIENT_ID, _CLIENT_SECRET, _JAMA_REST_URL)
    
    # Make sure _OAUTH_URL is:
    # myclientsecret@myjama.jamacloud.com/rest/oauth/token">https://myclientid:myclientsecret@myjama.jamacloud.com/rest/oauth/token
    response = requests.post(_OAUTH_URL, data={'grant_type': 'client_credentials'})
    
    print response.text​


    ------------------------------
    Nick Cruz
    ------------------------------



  • 3.  RE: Unable to retrieve access token using rest/oauth/token endpoint

    Posted 11-15-2018 10:02
    Nick:

    Excellent, thank you for replying back with your fix!

    Best,

    ------------------------------
    Chloe Elliott
    Jama Software
    Portland OR
    ------------------------------



  • 4.  RE: Unable to retrieve access token using rest/oauth/token endpoint

    Posted 30 days ago
    ​Hi Chloe and Nick,

    I saw this thread and would greatly appreciate any insight you may have.

    Do you have any suggestions about automating the entire oAuth authentication process?

    I'm able to programmatically follow the authentication process outlined in the documentation, but run into 2 obstacles:
    • The need to generate Client ID and Secret in Jama and then transfer ID and Secret to program needing them. Am I missing any API endpoint(s) to GET this data?
    • The tokens expire very quickly. Users have to generate API credentials frequently.
    We had a very useful utility that died when our cybersecurity team insisted we move to SSO and credentials were no longer stored in Jama.

    Users don't want to have to generate API credentials to use the utility. Too many steps for them.
    I looked at Okta docs and other sources but haven't found anything to address this issue.

    Thanks!



    ------------------------------
    Ander A
    ------------------------------



  • 5.  RE: Unable to retrieve access token using rest/oauth/token endpoint

    Posted 27 days ago
    Hey Ander,

    Another Nick jumping in here!  Unfortunately, at this time, I'm sorry to say that we don't provide a way to automate the entire creation of an OAuth token form start to finish like you're describing here.  My best advice would be to do something similar to what the original Nick who posted this has done and set that Oauth token as a variable within your script and then set it up to be able to be called when needed.  In fact, that use of the requests library that Nick has done above is exactly what I've done with my scripting when utilizing the Jama Rest API and Python scripting.

    At this point, I'd recommend reviewing both this authentication article as well as some of our code examples, as they may be able to provide some more insight into making this process easier.

    Thanks and let me know if you have any more questions!


    ------------------------------
    Nick S
    Jama Software
    ------------------------------



  • 6.  RE: Unable to retrieve access token using rest/oauth/token endpoint

    Posted 26 days ago
    I am currently working out a process for our company to use this mechanism for reporting automated test results. We will be pushing test results into Jama based on a standalone program that parses results files for the appropriate information. Here's my plan:

    • Create a utility program that does the following:
      • Provide the user instructions for generating an API Key/Secret pair.
      • Prompt the user to enter the following information:
        • Jama User Name
        • API Key
        • API Secret
        • A password specific to reporting test results
      • The utility then uses the username/password combination as a key to AES encrypt a file with the key/secret combination.
      • The file is stored on the user's computer (or lab computer, or wherever the test results are being reported).
    • Create a test result reporting program that does the following:
      • Prompt the user for Jama User Name and test result reporting password.
      • Decrypt the key/secret file
      • Generate the authentication token
      • Parse results files and push to Jama Test Runs 
        • We will build a regenerate-token/retry loop around test results entry to handle token expiration, although we don't expect the token to expire since we are pushing completed results.



    ------------------------------
    Steve Kay
    Hologic - Breast Health
    ------------------------------



  • 7.  RE: Unable to retrieve access token using rest/oauth/token endpoint

    Posted 26 days ago
    Hi Steve,

    That's a pretty awesome sounding automation process!  While I can't speak too much about building your own encryption aspect of it out, I do believe that using the input method to prompt your users for that information and then utilizing it in your later calls will be useful and beneficial for this context.

    Additionally, I would also recommend reviewing the Rest API endpoints for Test Runs as well as Test Plans and Test Cycles and testing this out within the Swagger UI of your Jama instance as well as those endpoints are often utilized in tandem with one another.

    Good luck with this build out!


    ------------------------------
    Nick S
    Jama Software
    ------------------------------



  • 8.  RE: Unable to retrieve access token using rest/oauth/token endpoint

    Posted 26 days ago
    ​Hi Nick S and Steve,

    Thanks for your informative responses. Really helpful. Great to learn how other people approach this issue.

    Best.
    -A

    ------------------------------
    Ander A
    ------------------------------