Retrieve bearer token using Postman

Hello,
I’d want to trigger a robot for running a process and I’ve read that the first step is the authentication.
So, I registered a new account under https://platform.uipath.com/. My endpoint, now, is https://platform.uipath.com/XXX/YYY/

Using postman, I’m querying this endpoint https://platform.uipath.com/XXX/YYY/api/Account/Authenticate in POST with the Content-Type: application/json in the header and in the body this json:

{
	"usernameOrEmailAddress": "federico.cuozzo@xxx.com",
	"password": "xxx@"
}

… but I got this response:

{
“message”: “Invalid credentials, failed to login.”,
“errorCode”: 1000,
“resourceIds”: null
}

I’m sure that credentials are right because I can login to the Orchestrator using a browser.
So, which is a resolution for this problem?

Thank you!
Regards.

1 Like

Hi @fe.cuozzo

Welcome back! :slight_smile:

Please be aware that the way to authenticate was changed with the introduction of Cloud Platform:
Please follow the guide here:
https://docs.uipath.com/orchestrator/v2019/reference#consuming-cloud-api

You can see this process I made to quickly go through the steps:

3 Likes

Hi @loginerror,
thank you for your reply!

I’ve followed the guide you linked and I resolve the authentication problem.
I can also retrieve information about user logged into Orchestrator, as you can see in the picture, using the id_token generated from refresh_token API request.

So, I move forward to get some information using Orchestrator API and I try to get license information.
As you can see in the picture, using the client_token as authorization code (generated from refresh_token API request) I receive a negative response.

Something’s wrong?

Regards

Easy enough :slight_smile: After you go through the authentication, you should use the access_token as the Bearer token.

Just to make it all clear, all you need from now on is:
access_token to run the API call
refresh_token to refresh the access_token (otherwise it expires after 24 hours by default, but I think latest 2019.7 or 8 will add an API call to modify the expiration period :slight_smile: )

Sorry, my mistake while writing the reply post.
In order to get license information, I use the access_token as you indicate in your reply and as indicated in the guide I’m following, but I get the error (showed in the second screenshot I attached earlier).

@loginerror, I’ve also another question: how can I retrieve the client_id for refreshing token and getting the access_token? Is it based on the personal credential?

Regards

I have tested it on my end and it seems to be working.

Let’s take it step by step, but first a short answer to the last question.

how can I retrieve the client_id for refreshing token and getting the access_token? Is it based on the personal credential?
client_id is a constant and should just be taken as is:

"client_id": "5v7PmPJL6FOGu6RB8I1Y4adLBhIwovQN"

Therefore, all you need to refresh the access_token is the refresh_token :slight_smile:

Now, to the API calls

One thing I can think of:

  • could you recheck the output of this part of the guide:

    For me the service instance logical name has some random alphanumerics on top of the name
1 Like

@loginerror, Solved in this way!
I’ve to retrieve first the serviceInstanceLogicalName :slight_smile:

Many thanks!
Regards!

1 Like

No problem, I’m glad we found the solution :slight_smile:

Hi

I’ve tried something similar but get an error

“errorMessage”: “Full authentication is required to access this resource”,

Any help would be appreciated.

Thanks
Davendra

@davendra

Please check the below topic for all the steps