I am trying to get the authorization token to access the Data Services Entities information using the API Access instruction using the information just generated when I created an External Applications:
I do it from web browser and Postman Get request, both way get this error:
{
“error”: “You are not authenticated to access Data Service. Make sure your Assistant or Robot is connected to a modern folder in your account.”
}
I don’t really understand what does it mean, I am connected to Cloud Orchestrator and connected to a modern folder via Studio Pro. I appreciate your help.
Im not really sure I understand what it means, because it is an external App just created via Orchestrator (External Applications). I use Ap Id and Secret Key via API to extract data from Data Services, not to connecting to any modern folder.
Yes, exactly. I think the error is that I have to match the access to my External Application with the Roles in Data Services, but I dont know how to do it.
Following the instructions: " 1. The external application sends an authorize request to the UiPath Identity Server authorize endpoint to get the authorization code."
GET Request (Postman): UiPath{ID from Ext App}&scope=DataService.Data.Read?redirect_uri=UiPath
It suppose to return me an authorization code, but I dont receive any response. If I try to do it in the web browser → An unknown error has occurred. (#200)
First you fire an “autorize” call which is actually a GET call, but the redirect_uri needs to be your app that will get the authorization code. You need to also make sure this redirect_uri matches the uri you have put in the External App registration as well.
The user will then be directed to browser where they will sign-in and authorize the request, which will generate an authorization code and sent on the redirect_uri as {redirect_url}?code={authorization_code}&scope={scopes}
Your app should read the authorization_code and then call the /token endpoint as a POST reuest to get an access token.
Once the access token is generated in step 3, you will be able to call Data Service APIs.
The permissions on the Data Service APIs will be an intersection of the scopes selected on the External App and the particular user who is authorizing the app and is used to generate the access token.
For example, in your case, the token will be able to only read data for the entities or fields that the user has access to. Even if the user has access to write data to some entities or fields, this token will fail because it only has the Data.Read scope on it.
I am not very sure what “but the redirect_uri needs to be your app” means in terms of configuration. It suppose that I am trying to establish the first connection via Postman. After that, I will use Google App script to extract data using UiPath Data Services API. How should I set the parameter “Redirect URL” in this case, for example?
If you are using Postman and then select the “Authorize using browser” option, it shows Callback URL that you need to use →
By using that redirect url, when the authorization flow happens, the browser will pass the authorization_code to Postman and then Postman will use it to get the access token.
My problem was precisely that, I didn’t use the redirect url correctly, depending on my external app (in this case - Postman). Setting this URL for the callback message it passed the authorization and gets the token. Thanks a lot!
PS: I found a detailed configuration here, maybe it will be helpful for anyone in the future: UiPath Auth2.0 API consuming
