https://community.esri.com/t5/arcgis-rest-apis-and-services-questions/admin-api-token-exchange-on-node-js-vs-python/m-p/1178803#M4167 <P>Thanks, I'll have a look at this!</P> Tue, 31 May 2022 21:24:19 GMT JVig 2022-05-31T21:24:19Z https://community.esri.com/t5/arcgis-rest-apis-and-services-questions/admin-api-token-exchange-on-node-js-vs-python/m-p/1176165#M4140 <P><STRONG>TL;DR: Why does Node.js have a different response to exchanging a token in the header vs Python when trying to reach an admin endpoint using a standalone ArcGIS for Server architecture?</STRONG><BR /><BR />Hello fellow GIS Devs! I've been building out a command line interface to help with some of my administrative tasks using ArcGIS Server 10.7.1 (NOT PORTAL just the standalone server) using node.js, as we plan on upgrading our system to Portal in the future. Because I am not using Portal, I believe the Oath2 workflows will not necessarily work for me. Now to my problem: for some reason in when using Node.js I run into an error regarding the clientID:</P><LI-CODE lang="javascript">{ status: 'error', messages: [ 'Invalid token, ClientID does not match.' ], code: 498 }</LI-CODE><P>I am using Axios to connect to the administration endpoint and using an interceptor to set the token as an Authorization header for the requests. I have verified the successful return of my token along with it being applied to the GET request at the &lt;myarcserver&gt;/arcgis/admin/services/&lt;folder&gt; endpoint. And yet, I still get the error above which appears to be an Oath2.0 error. Below is a snippet of my instance module along with the module calling it. Please don't make fun of me, I'm just starting to learn Node <span class="lia-unicode-emoji" title=":grinning_face_with_smiling_eyes:">😄</span><BR /><BR />Instance snippet:</P><LI-CODE lang="javascript">const baseURL = new URL(`${host}/arcgis/admin`).href; const headers = { 'Content-Type': 'application/x-www-form-urlencoded', 'Accept': 'application/json' }; const payload = new URLSearchParams({ username: process.env.GDS_USER, password: process.env.GDS_PASS, client: 'referer', referer: baseURL, f: 'json' }); let token = null; const axiosInstance = axios.create({baseURL: baseURL}); axiosInstance.interceptors.request.use(async config =&gt; { if (!token) { const { data } = await axios({ url: `${baseURL}/generateToken`, method: "post", data: payload, headers: headers }) token = data.token; } config.headers.Authorization = `Bearer ${token}`; return config });</LI-CODE><P>&nbsp;And here is the function that calls it when the command line command is invoked:</P><LI-CODE lang="javascript">export const listServices = (folder, env) =&gt; { const arc = arcServer(env); return arc({ url: `/services/${folder}`, method: "get", params: { f: 'json', } }) .then(response =&gt; { console.log(response.data) }) .catch(error =&gt; { return Promise.reject(error) }); }</LI-CODE><P>And a screenshot of the response:</P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="JVig_0-1653093331795.png" style="width: 400px;"><img src="https://community.esri.com/t5/image/serverpage/image-id/41877i8600D485B39AE88F/image-size/medium?v=v2&amp;px=400" role="button" title="JVig_0-1653093331795.png" alt="JVig_0-1653093331795.png" /></span></P><P>&nbsp;</P><P>Finally, I have written something similar to this in the past using python and have had zero issue connecting to it, even now.</P><LI-CODE lang="python">def get_token(self): """ Acquires the token necessary to access the administration endpoints. Tokens are limited to 600 seconds before expiration. """ url = f'{self.server}:6443/arcgis/admin/generateToken' headers = {"Content-type": "application/x-www-form-urlencoded", "Accept": "text/plain"} params = { 'username': self.user, 'password': self.password, 'client': 'referer', 'referer': self.referer, 'f': 'json' } r = self.session.post(url, data=params, headers=headers) if r.status_code == 200: response = json.loads(r.text) if response.get('token'): self.session.headers.update({'Authorization': f'Bearer {response["token"]}'}) return response['token'] else: if response.get('error'): e = response['error'] raise ArcGISServerException('Generate token failed: {}'.format(e)) else: raise ArcGISServerException('Generate token failed') else: raise ArcGISServerException('Generate token failed, server response code: {}'.format(r.status_code))</LI-CODE><P>&nbsp;</P><P>So what's the difference here? Am I just a node amateur? Why is the admin services directory requesting a client ID when using one language, but not the other?<BR /><BR />As always, appreciate y'all's help. <span class="lia-unicode-emoji" title=":red_heart:">❤️</span></P><P>&nbsp;</P><P>/Jason</P> Sat, 21 May 2022 00:42:11 GMT https://community.esri.com/t5/arcgis-rest-apis-and-services-questions/admin-api-token-exchange-on-node-js-vs-python/m-p/1176165#M4140 JVig 2022-05-21T00:42:11Z https://community.esri.com/t5/arcgis-rest-apis-and-services-questions/admin-api-token-exchange-on-node-js-vs-python/m-p/1178492#M4157 <P>Hi Jason,</P><P>I'm more a JS developer. I have never sent the token in the header, I have always send the token as another parameter.</P><P>It would help to see a copy of both CURL requests (removing the tokens/domains) to better understand what might be happening, but it doesn't make sense to me either.</P><P>I'm going to share a few resources that might help you with this:</P><UL><LI>"Security and authentication &gt; <A href="https://developers.arcgis.com/documentation/mapping-apis-and-services/security/#capability-comparison" target="_self">Capability comparison</A>" shows a summary table displaying differences between the different authentication methods</LI><LI><A href="https://developers.arcgis.com/arcgis-rest-js/authentication/" target="_self">ArcGIS REST JS -&gt; Authentication</A> this open source library aims to help JS developers to work with ArcGIS services (this is a <A href="https://www.youtube.com/watch?v=0pIgQW8ssIw" target="_self">really good talk about it</A>); I have noticed there is no example using username and password</LI><LI><A href="https://www.postman.com/arcgis-developer/workspace/arcgis-location-services" target="_self">ArcGIS Location Services Postman Workspace</A>&nbsp;&lt;- This only contains examples for ArcGIS Online and Platform, but you can see how all requests send the token as a parameter.</LI></UL><P>I hope this helps</P><P>&nbsp;</P><P>&nbsp;</P> Tue, 31 May 2022 10:12:33 GMT https://community.esri.com/t5/arcgis-rest-apis-and-services-questions/admin-api-token-exchange-on-node-js-vs-python/m-p/1178492#M4157 Raul_Jimenez 2022-05-31T10:12:33Z https://community.esri.com/t5/arcgis-rest-apis-and-services-questions/admin-api-token-exchange-on-node-js-vs-python/m-p/1178803#M4167 <P>Thanks, I'll have a look at this!</P> Tue, 31 May 2022 21:24:19 GMT https://community.esri.com/t5/arcgis-rest-apis-and-services-questions/admin-api-token-exchange-on-node-js-vs-python/m-p/1178803#M4167 JVig 2022-05-31T21:24:19Z