Community

Invalid tokens using client: referer

2939
1
Jump to solution
06-30-2016 11:28 AM
AnTran
by
New Contributor
‎06-30-2016 11:28 AM

I have a back end python script that is checking out a token. When I am testing on local host am passing in

data = {'f': 'json', 'username': 'user', 'password': 'password', 'client': 'requestip'}

which returns a valid token and I am able to use the token to successfully query the service.

However, once the app is deployed to production the tokens are no longer valid. I am getting tokens, but when I pass them to my query I am getting a 498 error. I have tried to change the token request to use

data = {'f': 'json', 'username': 'user', 'password': 'password', 'client': 'referer', 'referer': 'http://my/app/dir}

on IIS but unfortunately I am still getting tokens that are not accepted for the query.

0 Kudos
1 Solution

Accepted Solutions
AnTran
by
New Contributor
‎06-30-2016 08:42 PM

I ended up figuring out the issue, and it turned out to be a really silly mistake on my part. When the token was requested it was passed data = {'f': 'json', 'username': 'user', 'password': 'password', 'client': 'referer', 'referer': 'http://my/app/dir} so naturally the token is only valid for requests coming from http://my/app/dir. In my query of a service layer using urllib2, I neglected to call request.add_header('referer, 'http://my/app/dir') before sending the request, so based on the header the request was not coming from http://my/app/dir even though that is where my script resides, and as a result I ended up with an invalid token response.

View solution in original post

1 Reply
AnTran
by
New Contributor
‎06-30-2016 08:42 PM

I ended up figuring out the issue, and it turned out to be a really silly mistake on my part. When the token was requested it was passed data = {'f': 'json', 'username': 'user', 'password': 'password', 'client': 'referer', 'referer': 'http://my/app/dir} so naturally the token is only valid for requests coming from http://my/app/dir. In my query of a service layer using urllib2, I neglected to call request.add_header('referer, 'http://my/app/dir') before sending the request, so based on the header the request was not coming from http://my/app/dir even though that is where my script resides, and as a result I ended up with an invalid token response.