Cant pass API authorization to access Data Services Entities

Hello!

I am trying to get the authorization token to access the Data Services Entities information using the API Access instruction using the information just generated when I created an External Applications:

UiPath{redirect url)

I do it from web browser and Postman Get request, both way get this error:

{
“error”: “You are not authenticated to access Data Service. Make sure your Assistant or Robot is connected to a modern folder in your account.”
}

I don’t really understand what does it mean, I am connected to Cloud Orchestrator and connected to a modern folder via Studio Pro. I appreciate your help.

1 Like

Hey @jucgonza

Did you choose data services in the External Apps admin panel config ?

Thanks
#nK

As error implies is the robot connected to right folder in your orchestrator

Check that and also check with the permission to access that folder and it’s entities

Cheers @jucgonza

Hello! Thanks for your response. Yes, I have selected the DataService.Data.Read scope for my external app:

1 Like

Im not really sure I understand what it means, because it is an external App just created via Orchestrator (External Applications). I use Ap Id and Secret Key via API to extract data from Data Services, not to connecting to any modern folder.

Okay looks good. So you are trying to authenticate & get access token with which you are trying to access DS right ?

Yes, exactly. I think the error is that I have to match the access to my External Application with the Roles in Data Services, but I dont know how to do it.

1 Like

Nope, I don’t think so.

Kindly show the code what you are trying to do please ?

Thanks.
#nK

Following the instructions: " 1. The external application sends an authorize request to the UiPath Identity Server authorize endpoint to get the authorization code."

GET Request (Postman):
UiPath{ID from Ext App}&scope=DataService.Data.Read?redirect_uri=https://cloud.uipath.com/organization/tenant/dataservice_/api/DataService

It suppose to return me an authorization code, but I dont receive any response. If I try to do it in the web browser → An unknown error has occurred. (#200)

1 Like

Hey @jucgonza

It should be a POST request with a different approach.

Please follow the instructions as in the below link,

Refer to the Client Credentials section in the link.

Thanks
#nK

Hi @jucgonza,

As you are using the Confidential App and Data Service only support user scopes, you need to use the Authorization Code flow described here - Accessing UiPath resources using external applications.

The authorization code flow is 3 step process -

  1. First you fire an “autorize” call which is actually a GET call, but the redirect_uri needs to be your app that will get the authorization code. You need to also make sure this redirect_uri matches the uri you have put in the External App registration as well.
  2. The user will then be directed to browser where they will sign-in and authorize the request, which will generate an authorization code and sent on the redirect_uri as {redirect_url}?code={authorization_code}&scope={scopes}
  3. Your app should read the authorization_code and then call the /token endpoint as a POST reuest to get an access token.

Once the access token is generated in step 3, you will be able to call Data Service APIs.

The permissions on the Data Service APIs will be an intersection of the scopes selected on the External App and the particular user who is authorizing the app and is used to generate the access token.

For example, in your case, the token will be able to only read data for the entities or fields that the user has access to. Even if the user has access to write data to some entities or fields, this token will fail because it only has the Data.Read scope on it.

1 Like

Hello! Thanks for your response.

I am not very sure what “but the redirect_uri needs to be your app” means in terms of configuration. It suppose that I am trying to establish the first connection via Postman. After that, I will use Google App script to extract data using UiPath Data Services API. How should I set the parameter “Redirect URL” in this case, for example?

If you are using Postman and then select the “Authorize using browser” option, it shows Callback URL that you need to use →
image

By using that redirect url, when the authorization flow happens, the browser will pass the authorization_code to Postman and then Postman will use it to get the access token.

Similarly for Google App Script, this seems to be a library for OAuth2 - GitHub - googleworkspace/apps-script-oauth2: An OAuth2 library for Google Apps Script.. It also talks about how to get the redirect uri to register with the OAuth provider - GitHub - googleworkspace/apps-script-oauth2: An OAuth2 library for Google Apps Script.

1 Like

Hello Ankit!

My problem was precisely that, I didn’t use the redirect url correctly, depending on my external app (in this case - Postman). Setting this URL for the callback message it passed the authorization and gets the token. Thanks a lot!
PS: I found a detailed configuration here, maybe it will be helpful for anyone in the future: UiPath Auth2.0 API consuming

2 Likes

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.