Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at


  • Jacob Brock-Hansen 13 posts 154 karma points
    Aug 18, 2021 @ 19:06
    Jacob Brock-Hansen
    0

    How do i call my api with authorization

    I have created a controller that i want to call as a rest service from postman:

    namespace my.namespace
    {
        [Route("Hello/[action]")]
        [UmbracoMemberAuthorize("", "Hello-group", "")]
        public class HelloController : UmbracoApiController
        {
            public string HelloWorld()
            {
                return "Hi";
            }
        }
    }
    

    I have also added a member group in Umbraco called "Hello-group" and added a member to that group.

    When i try to call this service from postman with this url: https://localhost:myport/hello/helloworld And i have added my users username and password and selected basic-auth in the postman authorization tab i get an 404 not found error returned.

    If i remove the [UmbracoMemberAuthorize("", "Hello-group", "")] annotation it works.

    Im pretty new to Umbraco but this seems like a simple setup so im confused as to what is going on. Can anyone help me figure out if i need to add a setting somewhere or do it another way?

    Thanks

  • Brendan Rice 501 posts 915 karma points
    Aug 18, 2021 @ 21:42
  • Jacob Brock-Hansen 13 posts 154 karma points
    Aug 22, 2021 @ 20:47
    Jacob Brock-Hansen
    0

    Hi Brendan I actually build my solution from that link. Its mainly about how Umbraco 7 works, but also have a link to the newest Umbraco 9 howto description: https://our.umbraco.com/Documentation/Reference/Routing/WebApi/authorization-v9

    Im using Umbraco 9 and it seems pretty simple to just add the annotation to the class, but im getting a 404 error - shouldnt i be getting an unauthorized error or something like that?

  • Brendan Rice 501 posts 915 karma points
    Aug 23, 2021 @ 10:42
    Brendan Rice
    0

    Have you included local cookies in the Postman request as described in the link above?

  • Jacob Brock-Hansen 13 posts 154 karma points
    Aug 23, 2021 @ 11:30
    Jacob Brock-Hansen
    0

    Hi Brendan

    No i haven't tried the cookie approach, i need to grant access to outside parties to call my Api Controllers - so i sort of assumed that it would not be viable to ask them to create cookies with a backend login.

    Im just using Postman as an example - i expect outside parties to create their own Api to call my rest services (probably some java code)

    But im new to Umbraco, so could the cookie trick be applied to a java client for instance?

  • Brendan Rice 501 posts 915 karma points
    Aug 23, 2021 @ 11:59
    Brendan Rice
    0

    Ah. I think I understand the issue now that there is a little more context. The UmbracoMemberAuthorize attribute should be used only for logged in Members.

    If you want a 3rd party to access the API this might help:

    https://github.com/mattbrailsford/umbraco-authu

  • Jacob Brock-Hansen 13 posts 154 karma points
    Aug 23, 2021 @ 12:13
    Jacob Brock-Hansen
    0

    Hi Brendan

    From that link it seems there are alot more going on under the hood when working with API endpoints than what i first thought. I will try out the example and see where it leads and update this thread afterwards

  • Jacob Brock-Hansen 13 posts 154 karma points
    Aug 23, 2021 @ 14:07
    Jacob Brock-Hansen
    0

    Bummer - AuthU seems to be something that would work well for my needs, but its not applicable for Umbraco 9 yet.

    Are there other authentication packages that work for umbraco 9 out there?

  • Brendan Rice 501 posts 915 karma points
    Aug 23, 2021 @ 17:48
    Brendan Rice
    0

    I'm not sure this would work as I've never tried it but .Net Core might be able to plug the gap:

    https://auth0.com/blog/aspnet-web-api-authorization/

Please Sign in or register to post replies

Write your reply to:

Draft