Community

invalid token for portaladmin/security/users/createUser

5630
4
Jump to solution
03-28-2018 06:18 AM
SunSun
by
New Contributor II
‎03-28-2018 06:18 AM

Hi Everybody,

we have Portal for ArcGIS 10.5.1 (federated with AGS 10.5.1).

I try to use REST API to manage users in .net console application (using RestSharp).

To do that, I get a token on "https://{myAliasPortal}/arcgis/sharing/rest/generateToken"

Then I check if my user exists with "https://{myAliasPortal}/arcgis/sharing/rest/community/users/{usermame}"  (it's work)

Then I want to add user with "https://{myAliasPortal}/arcgis/portaladmin/security/users/createUser" and I have this error :

{"error":{"code":500,"message":"java.lang.Exception: The server at 'https://{machineName}:7443/arcgis/sharing/rest/community/createUser' returned an error. Invalid token. []","details":null}}

It's a code 500 (not a 498).

It's strange because the server url returned :

  • has machine name and port instead of aliasName (webAdaptor)
  • is mixed with "sharing/rest" and "portaladmin" url (for me, "createUser" exist only on portaladmin and not on sharing/rest).
  • java error, not a direct rest API error ?

Do you have idea to fix the problem please ?

Please find bellow the code :

static string getToken(string username, string password, string geoportalUrl)
{
   RestClient client = new RestClient(geoportalUrl);
   RestRequest request = new RestRequest("arcgis/sharing/rest/generateToken", Method.POST);
   request.AddParameter("f", "json");
   request.AddParameter("username", username);
   request.AddParameter("password", password);
   request.AddParameter("client", "referer");
   request.AddParameter("referer", geoportalUrl + "/arcgis");
   IRestResponse response = client.Execute(request);
   var content = response.Content;
   ArcGISToken t = JsonConvert.DeserializeObject<ArcGISToken>(content.ToString());
   return t.token;
}

static PortalUser createUser(string username, string firstname, string lastname, string role,
                                              string level, string email, string provider,
                                              string geoportalUrl, string token)
{
   RestClient client = new RestClient(geoportalUrl);
   RestRequest request = new RestRequest("arcgis/portaladmin/security/users/createUser", Method.POST);
   request.AddParameter("username", username);
   request.AddParameter("firstname", firstname);
   request.AddParameter("lastname", lastname);
   request.AddParameter("role", role);
   request.AddParameter("level", level);
   request.AddParameter("email", email);
   request.AddParameter("provider", provider); //"enterprise"
   request.AddParameter("token", token);
   request.AddParameter("f", "json");
   IRestResponse response = client.Execute(request);
   var content = response.Content;
}

and the call :

string adminUsername = "adminaccount";
string adminPassword = "password";

string geoportalUrl = "https://geoportal.company.com";

string token = getToken(adminUsername, adminPassword, geoportalUrl);

createUser("JOHNDOE", "John", "Doe", "viewer","1", "john.doe@company.com", "enterprise", geoportalUrl, token);

Thanks in advance for your help.

Edit : if I generate token with 

request.AddParameter("client", "requestip");

I get this error :

{"error":{"code":498,"message":"Invalid Token.","details":["Token would have expired, regenerate token and send the request again.","If the token is generated based on the referrer make sure the referrer information is available with every request in header."]}}

0 Kudos
1 Solution

Accepted Solutions
SunSun
by
New Contributor II
‎03-29-2018 02:15 AM

Using token without referer doesn't work. It's mandatory to use token with referer.

Then, it's means to add referer in the header of the request :

request.AddHeader("referer", geoportalUrl + "/arcgis");

and it's works

Also, the role to transmit is an ID and not the name. To find the ID : https://portalUrl/arcgis/sharing/rest/portals/self/roles

Have a good day. 

View solution in original post

4 Replies
SunSun
by
New Contributor II
‎03-29-2018 02:15 AM

Using token without referer doesn't work. It's mandatory to use token with referer.

Then, it's means to add referer in the header of the request :

request.AddHeader("referer", geoportalUrl + "/arcgis");

and it's works

Also, the role to transmit is an ID and not the name. To find the ID : https://portalUrl/arcgis/sharing/rest/portals/self/roles

Have a good day. 

MikeButt
by
New Contributor II
‎03-08-2019 02:37 AM

Had the same problem but adding referer didn;t work - https://community.esri.com/message/836822-javalangexception-invalid-token 

0 Kudos
maxsquires2
by
New Contributor II
‎12-03-2020 05:29 AM

for the same problem using the portal api from python (requests) that solution worked for me.

def create_user(uri, params, args, token):
    # uri: portal/portaladmin/security/users/createUser
    data = {"username":params['username'], "password":params['password'], "firstname":params['firstname'], "lastname":params['lastname'], "role":params['role'], "level":params['level'], "email":params['email'], "description":params['description'], "provider":params['provider'], "userLicenseTypeId":params['userLicenseTypeId'], "f": "json", "token": token}

    header = {"referer": "https://{}/portal".format(args.portal_host)}
    response = requests.post(url="https://{}/{}".format(args.portal_host, uri), data=data, headers=header)

 

before adding the header to post i was getting:
>response.json()

{'error': {'code': 500, 'message': 'Invalid token.', 'details': None}}

after adding the header:

{'status': 'success'}

LindseyDanforth_Boulder
by
New Contributor II
‎02-25-2023 11:45 AM

I had the same issue and this worked! Thanks!

0 Kudos